Report Generated On: Mar 9, 2014 9:38:18 AM
Dependencies Scanned: 382 (
show all )
Vulnerable Dependencies: 123
Dependencies
org.eclipse.e4.ui.services.source_1.0.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.services.source_1.0.0.v20130515-1857.jar
MD5: 4C0059E4CFCE622CBDF97ADAC2B067A5
SHA1: AE6FC13E6AEDFDA44D69289C6F1A7B0C55D78C86
Evidence
Source Name Value
file name org.eclipse.e4.ui.services.source_1.0.0.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.services.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.services;version="1.0.0.v20130515-1857";roots:="."
org.eclipse.ant.launching.source_1.0.300.v20130514-1341.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ant.launching.source_1.0.300.v20130514-1341.jar
MD5: 462631411FCBE19EB37346C14196C55F
SHA1: B4704D900DB8D417C2D4EEBB566EC500E737D7C1
Evidence
Source Name Value
file name org.eclipse.ant.launching.source_1.0.300.v20130514-1341
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ant.launching.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ant.launching;version="1.0.300.v20130514-1341";roots:="lib/loggerssrc,lib/remotesrc,.,lib/antdebugsrc"
org.eclipse.ui.trace_1.0.100.v20130508-1926.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.trace_1.0.100.v20130508-1926.jar
MD5: 803CBEC01ECA6BE13551BC31E8221B7F
SHA1: 0A08CE835B9CCAC85B02A9E5DCDA4E007E53F861
Evidence
Source Name Value
file name 1.0.100.v20130508
file name org.eclipse.ui.trace_1.0.100.v20130508-1926
file name org.eclipse.ui.trace_1.0.100.v20130508-1926
jar package eclipse
jar package internal
jar package trace
jar package ui
jar package name eclipse
jar package name trace
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.ui.trace;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.100.v20130508-1926
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ui/org.eclipse.ui.trace";tag="I20130508-2000";commitId=29279c122b9a3e86c5fcb3ffbb0e10d755c39821
Manifest require-bundle org.eclipse.osgi;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.ui;bundle-version="[3.6.0,4.0.0)"
Manifest service-component OSGI-INF/tracingInitializer.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.databinding.source_1.4.1.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.databinding.source_1.4.1.v20130515-1857.jar
MD5: 20F1330C2F10EC056A7E4E7A03256D63
SHA1: 5C18C4279341F6DB5EC7B8C50811BE4FE0923044
Evidence
Source Name Value
file name org.eclipse.core.databinding.source_1.4.1.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.databinding.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.databinding;version="1.4.1.v20130515-1857";roots:="."
org.eclipse.ui.externaltools_3.2.200.v20130508-2007.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.externaltools_3.2.200.v20130508-2007.jar
MD5: 286DBB5221F00C571FA250845AE8BFF4
SHA1: 531F561E29D035352826A50AD2CF2418386DA835
Evidence
Source Name Value
file name 3.2.200.v20130508
file name org.eclipse.ui.externaltools_3.2.200.v20130508-2007
file name org.eclipse.ui.externaltools_3.2.200.v20130508-2007
jar package eclipse
jar package externaltools
jar package internal
jar package ui
jar package name eclipse
jar package name externaltools
jar package name ui
Manifest Bundle-Name %Plugin.name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.externaltools; singleton:=true
Manifest Bundle-Vendor %Plugin.providerName
Manifest Bundle-Version 3.2.200.v20130508-2007
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.debug.git;path="org.eclipse.ui.externaltools";tag="I20130508-2000";commitId=59608a8f5df74c5acd47af45f7e8c5fe14b42358
Manifest require-bundle org.eclipse.ui.ide;bundle-version="[3.2.0,4.0.0)";resolution:=optional,org.eclipse.core.resources;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.1.0,4.0.0)",org.eclipse.ui;bundle-version="[3.2.0,4.0.0)",org.eclipse.debug.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.debug.ui;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.1.0,4.0.0)",org.eclipse.core.externaltools;bundle-version="[1.0.0,2.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.equinox.p2.touchpoint.eclipse.source_2.1.200.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.touchpoint.eclipse.source_2.1.200.v20130327-2119.jar
MD5: B3BD69FBEEA224934AE68B65E3C7011D
SHA1: 413CA6C3872AAF616EF243E9F70512AEC70B1676
Evidence
Source Name Value
file name org.eclipse.equinox.p2.touchpoint.eclipse.source_2.1.200.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.touchpoint.eclipse.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.touchpoint.eclipse;version="2.1.200.v20130327-2119";roots:="."
org.eclipse.ui.navigator_3.5.300.v20130517-0139.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.navigator_3.5.300.v20130517-0139.jar
MD5: B169CF76B4403922A49C8C831780CAFC
SHA1: 7079F3E91418226F314F32284E02639C430F17FF
Evidence
Source Name Value
file name 3.5.300.v20130517
file name org.eclipse.ui.navigator_3.5.300.v20130517-0139
file name org.eclipse.ui.navigator_3.5.300.v20130517-0139
jar package eclipse
jar package internal
jar package navigator
jar package ui
jar package name eclipse
jar package name navigator
jar package name ui
Manifest Bundle-Name %Plugin.name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.navigator; singleton:=true
Manifest Bundle-Vendor %Plugin.providerName
Manifest Bundle-Version 3.5.300.v20130517-0139
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui.navigator";tag="I20130516-2200";commitId=f3a281531ddf2aa81af4f270c14c5f18ac7b8729
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.ui;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ecf.source_3.2.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.source_3.2.0.v20130604-1622.jar
MD5: E95052D0B3D5F3D1E50F1DE8E98BF655
SHA1: 5168FBBDB6C587F7BF7FC9CD7E445B7B0A7C9CDF
Evidence
Source Name Value
file name org.eclipse.ecf.source_3.2.0.v20130604-1622
Manifest Bundle-Name ECF Core API Source
Manifest bundle-symbolicname org.eclipse.ecf.source;singleton:=true
Manifest Bundle-Vendor Eclipse.org - ECF
Manifest eclipse-sourcebundle org.eclipse.ecf;version="3.2.0.v20130604-1622";roots="."
runtime_registry_compatibility.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/runtime_registry_compatibility.jar
MD5: E3E2C439A84C9084CE991CC978D826A7
SHA1: AC04672BB5FE775A57510AC581B6645210C11C32
Evidence
Source Name Value
file name runtime_registry_compatibility
jar package core
jar package eclipse
jar package internal
jar package registry
org.eclipse.jdt.compiler.tool.source_1.0.200.v20130530-1010.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.compiler.tool.source_1.0.200.v20130530-1010.jar
MD5: 8A93472B502768B32A42843127417C76
SHA1: AEE14BFBCE8C60C31869E6233C96108C0A12F400
Evidence
Source Name Value
file name org.eclipse.jdt.compiler.tool.source_1.0.200.v20130530-1010
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.compiler.tool.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.compiler.tool;version="1.0.200.v20130530-1010";roots:="."
org.eclipse.core.databinding_1.4.1.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.databinding_1.4.1.v20130515-1857.jar
MD5: 5689219C77AACF4853FCE965DCB7FB7F
SHA1: 2F5ABF468B7140A0FFA8903C11AABA88FEE66A23
Evidence
Source Name Value
file name 1.4.1.v20130515
file name org.eclipse.core.databinding_1.4.1.v20130515-1857
file name org.eclipse.core.databinding_1.4.1.v20130515-1857
jar package core
jar package databinding
jar package eclipse
jar package internal
jar package name binding
jar package name core
jar package name databinding
jar package name eclipse
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.core.databinding
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.4.1.v20130515-1857
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.core.databinding";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest import-package-comment see http://wiki.eclipse.org/
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.databinding.observable;bundle-version="[1.3.0,2.0.0)";visibility:=reexport,org.eclipse.core.databinding.property;bundle-version="[1.3.0,2.0.0)"
Related Dependencies
org.eclipse.core.databinding.observable_1.4.1.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.databinding.observable_1.4.1.v20130515-1857.jar
SHA1: 0F2353EA9C103FE3077E3E83507310185EF5FFA3
MD5: 97B73ED3C21D20E41F12A1F44732ED0C
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jsch.core.source_1.1.400.v20111202-1616.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jsch.core.source_1.1.400.v20111202-1616.jar
MD5: 85158A5E91CF00C1E6D7078B9836B78B
SHA1: 286B46B29320E538D08B6B9B705AE53F8C4B9592
Evidence
Source Name Value
file name org.eclipse.jsch.core.source_1.1.400.v20111202-1616
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jsch.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jsch.core;version="1.1.400.v20111202-1616";roots:="."
org.eclipse.core.contenttype.source_3.4.200.v20130326-1255.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.contenttype.source_3.4.200.v20130326-1255.jar
MD5: 7966F9BFACD6B527A3B47894160699D9
SHA1: 2581A17631CE5484A5ADD1590B899653D1358D28
Evidence
Source Name Value
file name org.eclipse.core.contenttype.source_3.4.200.v20130326-1255
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.contenttype.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.contenttype;version="3.4.200.v20130326-1255";roots:="."
org.eclipse.ui.intro.universal.source_3.2.600.v20130326-1254.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.intro.universal.source_3.2.600.v20130326-1254.jar
MD5: DA43649DA313BD2206442451E3C99D28
SHA1: 828A8372956879B6D675FFA5E4EC3B3678026E9F
Evidence
Source Name Value
file name org.eclipse.ui.intro.universal.source_3.2.600.v20130326-1254
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.intro.universal.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.intro.universal;version="3.2.600.v20130326-1254";roots:="universalsrc"
org.eclipse.e4.ui.css.swt.source_0.11.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.css.swt.source_0.11.0.v20130515-1857.jar
MD5: 2E6567EEF0592FBDF9D837C9EBD2902E
SHA1: B822EB1E2F97D64EA74DD706D147E6B12A4286D1
Evidence
Source Name Value
file name org.eclipse.e4.ui.css.swt.source_0.11.0.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.css.swt.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.css.swt;version="0.11.0.v20130515-1857";roots:="."
org.eclipse.compare.win32.source_1.0.200.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.compare.win32.source_1.0.200.v20130514-1224.jar
MD5: DFF633B5227D346226F37B804ACF522B
SHA1: 5E65B90D1E2C2E2F07EBD7929CD6071824336AF2
Evidence
Source Name Value
file name org.eclipse.compare.win32.source_1.0.200.v20130514-1224
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.compare.win32.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.compare.win32;version="1.0.200.v20130514-1224";roots:="."
org.eclipse.jdt.compiler.tool_1.0.200.v20130530-1010.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.compiler.tool_1.0.200.v20130530-1010.jar
MD5: E34F60BFBD44DA1D0BD4193E8E75F351
SHA1: 0D23625969745D5B85535FFB08D8F57054DA7436
Evidence
Source Name Value
file name 1.0.200.v20130530
file name org.eclipse.jdt.compiler.tool_1.0.200.v20130530-1010
file name org.eclipse.jdt.compiler.tool_1.0.200.v20130530-1010
jar package compiler
jar package eclipse
jar package internal
jar package jdt
jar package name compiler
jar package name eclipse
jar package name jdt
Manifest Bundle-Name %fragmentName
Manifest bundle-requiredexecutionenvironment JavaSE-1.6
Manifest bundle-symbolicname org.eclipse.jdt.compiler.tool;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.200.v20130530-1010
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.core.git;path="org.eclipse.jdt.compiler.tool";tag="I20130530-1430";commitId=760ef9b34243875ff06c163b177d17f0c77d9df3
Manifest fragment-host org.eclipse.jdt.core;bundle-version="[3.3.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.net_1.2.200.v20130430-1352.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.net_1.2.200.v20130430-1352.jar
MD5: E3A5C6240B19C04842CFEC9B71599D07
SHA1: 8D6A4418FDABEA21335098F98AA5F6407D0073D5
Evidence
Source Name Value
file name 1.2.200.v20130430
file name org.eclipse.core.net_1.2.200.v20130430-1352
file name org.eclipse.core.net_1.2.200.v20130430-1352
jar package core
jar package eclipse
jar package internal
jar package net
jar package name core
jar package name eclipse
jar package name net
Manifest Bundle-Name %PLUGIN_NAME
Manifest bundle-requiredexecutionenvironment J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.core.net;singleton:=true
Manifest Bundle-Vendor %PLUGIN_PROVIDER
Manifest Bundle-Version 1.2.200.v20130430-1352
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.core.net";tag="I20130430-1421";commitId=a0d77570b97fe8600e87975cd4c5df425bcf2b75
Manifest require-bundle org.eclipse.equinox.security;bundle-version="[1.0.0,2.0.0)",org.eclipse.equinox.common;bundle-version="3.4.0",org.eclipse.equinox.preferences;bundle-version="3.2.200",org.eclipse.osgi;bundle-version="3.4.0",org.eclipse.equinox.registry;bundle-version="3.4.0"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.jobs_3.5.300.v20130429-1813.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.jobs_3.5.300.v20130429-1813.jar
MD5: 16E81C1DBFA07C6BE904E27F081E2FF2
SHA1: 8490F24F962D71BF1458DB34A14A8A8B5DF9DD58
Evidence
Source Name Value
file name 3.5.300.v20130429
file name org.eclipse.core.jobs_3.5.300.v20130429-1813
file name org.eclipse.core.jobs_3.5.300.v20130429-1813
jar package core
jar package eclipse
jar package internal
jar package jobs
jar package name core
jar package name eclipse
jar package name jobs
jar package name runtime
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.core.jobs; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.5.300.v20130429-1813
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.runtime.git;path="bundles/org.eclipse.core.jobs";tag="I20130429-2000";commitId=c912fe926531d35e8d5f53b3b781bf85762262c2
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.filesystem.win32.x86_1.4.0.v20121112-0948.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.filesystem.win32.x86_1.4.0.v20121112-0948.jar
MD5: 95947FAA755A4920D0B184B612A40E3C
SHA1: 8CD379303EBD329BCDCD8C9D54F900149ECA4C94
Evidence
Source Name Value
file name 1.4.0.v20121112
file name org.eclipse.core.filesystem.win32.x86_1.4.0.v20121112-0948
file name org.eclipse.core.filesystem.win32.x86_1.4.0.v20121112-0948
Manifest Bundle-Name %fragmentName
Manifest bundle-symbolicname org.eclipse.core.filesystem.win32.x86; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.4.0.v20121112-0948
Manifest eclipse-platformfilter (& (osgi.os=win32) (osgi.arch=x86))
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.resources.git;path="bundles/org.eclipse.core.filesystem.win32.x86";tag="I20130402-0800";commitId=0621f2a34ffbbf33d9df4955717872b510e3bbda
Manifest fragment-host org.eclipse.core.filesystem;bundle-version="[1.4.0,2.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.ui.workbench.source_1.0.0.v20130531-1444.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.workbench.source_1.0.0.v20130531-1444.jar
MD5: F21238E7928A25913EFB5CE3F3CE5402
SHA1: DDF0D08F8AD2B9E14B334AE340B10F43E918C159
Evidence
Source Name Value
file name org.eclipse.e4.ui.workbench.source_1.0.0.v20130531-1444
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.workbench.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.workbench;version="1.0.0.v20130531-1444";roots:="."
org.eclipse.core.runtime.compatibility_3.2.200.v20130326-1255.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.runtime.compatibility_3.2.200.v20130326-1255.jar
MD5: 446DA2CF19116722B118C7E75FF61F34
SHA1: 3BC2B72063B5CF4161DB8E381D19ED879181142B
Evidence
Source Name Value
file name 3.2.200.v20130326
file name org.eclipse.core.runtime.compatibility_3.2.200.v20130326-1255
file name org.eclipse.core.runtime.compatibility_3.2.200.v20130326-1255
jar package core
jar package eclipse
jar package internal
jar package name compatibility
jar package name core
jar package name eclipse
jar package name runtime
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4,CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.core.runtime.compatibility; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.2.200.v20130326-1255
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.runtime.git;path="bundles/org.eclipse.core.runtime.compatibility";tag="I20130402-0800";commitId=f7384dbdfaca23b79978109ac9681abf5400db30
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)";visibility:=reexport,org.eclipse.update.configurator;bundle-version="[3.1.100,4.0.0)";visibility:=reexport
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.p2.artifact.repository.source_1.1.200.v20130515-2028.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.artifact.repository.source_1.1.200.v20130515-2028.jar
MD5: C24FCDA41DE1A7BFED935813B13CF928
SHA1: 59FB98B5A582FDCB211F29A752C2D87A19470A4F
Evidence
Source Name Value
file name org.eclipse.equinox.p2.artifact.repository.source_1.1.200.v20130515-2028
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.artifact.repository.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.artifact.repository;version="1.1.200.v20130515-2028";roots:="."
org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20130419-1850.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20130419-1850.jar
MD5: 24A22DD370A3F41283F5AE02F51A36D9
SHA1: 727E97EAAFDE2F653EFBED083F4DB9ED6B7E374E
Evidence
Source Name Value
file name 1.1.200.v20130419
file name org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20130419-1850
file name org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20130419-1850
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.reconciler.dropins;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.200.v20130419-1850
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.reconciler.dropins";tag="I20130419-1752";commitId=4eb009762982efe139889f9274591d3fbfc01dcc
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.p2.touchpoint.eclipse;bundle-version="1.0.0",org.eclipse.equinox.p2.metadata
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.p2.ui.source_2.3.0.v20130528-2154.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.ui.source_2.3.0.v20130528-2154.jar
MD5: BC5C82F9FB647F375874AEE52C0710BE
SHA1: 2A2BF14308819DF0C4F1DB48BEE4CF0B2A2AD00F
Evidence
Source Name Value
file name org.eclipse.equinox.p2.ui.source_2.3.0.v20130528-2154
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.ui;version="2.3.0.v20130528-2154";roots:="."
org.eclipse.equinox.http.jetty.source_3.0.100.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.http.jetty.source_3.0.100.v20130327-1442.jar
MD5: 130C8FBB76F32F3F876269D25B5D3A1B
SHA1: 528D4F735ADC722473BA31C420F6BAA641D80719
Evidence
Source Name Value
file name 3.0.100.v20130327
file name org.eclipse.equinox.http.jetty.source_3.0.100.v20130327-1442
file name org.eclipse.equinox.http.jetty.source_3.0.100.v20130327-1442
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.http.jetty.source
Manifest Bundle-Vendor %bundleVendor
Manifest Bundle-Version 3.0.100.v20130327-1442
Manifest eclipse-sourcebundle org.eclipse.equinox.http.jetty;version="3.0.100.v20130327-1442";roots:="."
cpe: cpe:/a:jetty:jetty:3.0.100.v20130327
suppress
org.eclipse.ui.trace.source_1.0.100.v20130508-1926.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.trace.source_1.0.100.v20130508-1926.jar
MD5: 164710A8C49FCC1E200F75546DBE1074
SHA1: 41E95A0A4DCFDE991A25CFA6F1D099F5C760CE9F
Evidence
Source Name Value
file name org.eclipse.ui.trace.source_1.0.100.v20130508-1926
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.trace.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.trace;version="1.0.100.v20130508-1926";roots:="."
org.eclipse.ecf_3.2.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf_3.2.0.v20130604-1622.jar
MD5: C26647BC715147D4C0D2B02AE013E8D8
SHA1: 80A4F78EED1FE5C5021F862ECE9FAEF257F556FC
Evidence
Source Name Value
file name 3.2.0.v20130604
file name org.eclipse.ecf_3.2.0.v20130604-1622
file name org.eclipse.ecf_3.2.0.v20130604-1622
jar package core
jar package ecf
jar package eclipse
jar package name ecf
jar package name eclipse
jar package name provider
Manifest Bundle-Name %plugin.name
Manifest bundle-requiredexecutionenvironment CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ecf;singleton:=true
Manifest Bundle-Vendor %plugin.provider
Manifest Bundle-Version 3.2.0.v20130604-1622
Manifest require-bundle org.eclipse.equinox.common,org.eclipse.equinox.registry,org.eclipse.ecf.identity;visibility:=reexport
Related Dependencies
org.eclipse.ecf.identity.source_3.2.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.identity.source_3.2.0.v20130604-1622.jar
SHA1: D43BC8FD7D6E1358A666C21F7412EDF8450DEE06
MD5: AAF25BA775B183C7A709F35A1F81BBDB
org.eclipse.ecf.identity_3.2.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.identity_3.2.0.v20130604-1622.jar
SHA1: 025CA8830F6E85BF2EE90034027E93262EDE26CA
MD5: CEABCFAE1141939ED02298290EE7DA07
org.eclipse.ecf.provider.filetransfer.source_3.2.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.provider.filetransfer.source_3.2.0.v20130604-1622.jar
SHA1: C02691BE6C370CAE588CA2E8BDFBCC91D9C8EB01
MD5: EB5B1579177F3B9B577353FB12AB07C6
org.eclipse.ecf.provider.filetransfer_3.2.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.provider.filetransfer_3.2.0.v20130604-1622.jar
SHA1: C2D01F511B27623C70C5C818D58618097969C6CF
MD5: 317EABF74935DC6EB6F6AF7ADF3A0779
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.jsch.ui_1.1.400.v20111007-1310.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jsch.ui_1.1.400.v20111007-1310.jar
MD5: C3757AE996CD51F277414D0741BA7F3A
SHA1: 6FDE8C78ABC129DDB3D6B4C1BE2D365FEAE68837
Evidence
Source Name Value
file name 1.1.400.v20111007
file name org.eclipse.jsch.ui_1.1.400.v20111007-1310
file name org.eclipse.jsch.ui_1.1.400.v20111007-1310
jar package eclipse
jar package internal
jar package jsch
jar package ui
jar package name eclipse
jar package name jsch
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.jsch.ui;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.400.v20111007-1310
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.jsch.ui";tag="I20130402-0800";commitId=79c5562d4c74180311d4b7d7e8f82ffa068e9cb7
Manifest require-bundle org.eclipse.ui,org.eclipse.core.runtime,org.eclipse.jsch.core,com.jcraft.jsch
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.ds.source_1.4.100.v20130515-2026.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.ds.source_1.4.100.v20130515-2026.jar
MD5: 5EEC90E614AC60210C602A1042C97D01
SHA1: 2E9A6B4641CE8D3624C6FDE1401C6720217C2CBC
Evidence
Source Name Value
file name org.eclipse.equinox.ds.source_1.4.100.v20130515-2026
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.ds.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.ds;version="1.4.100.v20130515-2026";roots:="."
org.eclipse.pde.core.source_3.9.0.v20130515-1659.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.core.source_3.9.0.v20130515-1659.jar
MD5: B54058B97F5D85676A1A617077873909
SHA1: A6E52BB138946C8AD39917199FD0D99526DD8F5A
Evidence
Source Name Value
file name org.eclipse.pde.core.source_3.9.0.v20130515-1659
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.core;version="3.9.0.v20130515-1659";roots:="ant_tasks/pde-antsrc,."
org.eclipse.ui.workbench_3.105.0.v20130529-1406.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.workbench_3.105.0.v20130529-1406.jar
MD5: 00BA291CDDB7C3E60625C0605ABA079A
SHA1: 10B58B5B926195CC13F0CACCDCDC2D999F21DD65
Evidence
Source Name Value
file name org.eclipse.ui.workbench_3.105.0.v20130529-1406
jar package eclipse
jar package internal
jar package ui
jar package name contexts
jar package name databinding
jar package name e4
jar package name eclipse
jar package name help
jar package name model
jar package name plugin
jar package name services
jar package name swt
jar package name ui
jar package name workbench
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.ui.workbench; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui.workbench";tag="I20130529-2000";commitId=d3ed7cbdcfdc978a53be31bd6dd9bb52ce5851ef
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.help;bundle-version="[3.2.0,4.0.0)",org.eclipse.jface;bundle-version="[3.9.0,4.0.0)",org.eclipse.swt;bundle-version="[3.101.0,4.0.0)",org.eclipse.jface.databinding;bundle-version="[1.3.0,2.0.0)",org.eclipse.core.databinding.property;bundle-version="[1.2.0,2.0.0)",org.eclipse.core.databinding.observable;bundle-version="[1.2.0,2.0.0)",org.eclipse.e4.core.services;bundle-version="1.0.0",org.eclipse.e4.core.contexts;bundle-version="1.0.0",org.eclipse.e4.core.di;bundle-version="1.1.0",org.eclipse.e4.ui.workbench.swt;bundle-version="0.9.1",org.eclipse.e4.ui.di;bundle-version="0.9.0",org.eclipse.e4.ui.model.workbench;bundle-version="0.9.1",org.eclipse.e4.ui.css.swt.theme;bundle-version="0.9.0",org.eclipse.e4.ui.bindings;bundle-version="0.9.0",org.eclipse.e4.ui.css.swt;bundle-version="0.9.1",org.eclipse.e4.ui.css.core;bundle-version="0.9.0",org.eclipse.e4.ui.workbench3;bundle-version="0.12.0";visibility:=reexport,org.eclipse.e4.ui.workbench.addons.swt;bundle-version="0.10.0",org.eclipse.emf.ecore;bundle-version="2.7.0"
org.eclipse.jdt.core.manipulation.source_1.5.0.v20130605-1748.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.core.manipulation.source_1.5.0.v20130605-1748.jar
MD5: 3DCD59009F11EBF9283CDD1ED8FC0D77
SHA1: 859488C4B45758C7C8B6205DF10A795BF600417B
Evidence
Source Name Value
file name org.eclipse.jdt.core.manipulation.source_1.5.0.v20130605-1748
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.core.manipulation.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.core.manipulation;version="1.5.0.v20130605-1748";roots:="."
org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20130603-2142.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20130603-2142.jar
MD5: 2A801F52D3D705B9A08B9E03D6E80E81
SHA1: 84E2DD3EB75CCCBC4B5EFA480D077283D6D6A94A
Evidence
Source Name Value
file name 1.2.0.v20130603
file name org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20130603-2142
file name org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20130603-2142
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.p2.ui.sdk.scheduler;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.2.0.v20130603-2142
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.ui.sdk.scheduler";tag="I20130603-2000";commitId=812405020815af6aeed18c0a0ef600cb9eb0955e
Manifest require-bundle org.eclipse.ui,org.eclipse.core.runtime,org.eclipse.equinox.p2.updatechecker,org.eclipse.equinox.p2.ui,org.eclipse.equinox.p2.repository;bundle-version="2.3.0"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.pde.launching_3.6.100.v20130507-2111.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.launching_3.6.100.v20130507-2111.jar
MD5: 0219462E034B3A6EFB914DDB2928CD7D
SHA1: 2888660DE7B8C2AC2B1D83248F8E92382AF40D77
Evidence
Source Name Value
file name org.eclipse.pde.launching_3.6.100.v20130507-2111
jar package eclipse
jar package internal
jar package launching
jar package pde
jar package name eclipse
jar package name launching
jar package name pde
Manifest Bundle-Name %name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde.launching;singleton:=true
Manifest Bundle-Vendor %provider-name
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ui/org.eclipse.pde.launching";tag="I20130507-2000";commitId=9b82b38e0508b07a1f5d2040840571306060b9a6
Manifest require-bundle org.eclipse.jdt.junit.core;bundle-version="[3.6.0,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.2.0,4.0.0)",org.eclipse.debug.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.1.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.1.0,4.0.0)",org.eclipse.pde.build;bundle-version="[3.2.0,4.0.0)",org.eclipse.pde.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.debug;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.0.0,2.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)"
org.eclipse.core.databinding.property.source_1.4.200.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.databinding.property.source_1.4.200.v20130515-1857.jar
MD5: EA0634A2DA0C2320E0E87AB6EC21413F
SHA1: 3985D3F1C5724DC64B41AEC67D5DBFF7DC743EC9
Evidence
Source Name Value
file name 1.4.200.v20130515
file name org.eclipse.core.databinding.property.source_1.4.200.v20130515-1857
file name org.eclipse.core.databinding.property.source_1.4.200.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.databinding.property.source
Manifest Bundle-Vendor %bundleVendor
Manifest Bundle-Version 1.4.200.v20130515-1857
Manifest eclipse-sourcebundle org.eclipse.core.databinding.property;version="1.4.200.v20130515-1857";roots:="."
cpe: cpe:/a:property_pro:property_pro:1.4.200.v20130515
suppress
org.eclipse.core.jobs.source_3.5.300.v20130429-1813.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.jobs.source_3.5.300.v20130429-1813.jar
MD5: 2D86290F11B23430A36982B3CDA838B3
SHA1: 66F1342DB8D674030D85DF691DF50C205A1884F2
Evidence
Source Name Value
file name org.eclipse.core.jobs.source_3.5.300.v20130429-1813
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.jobs.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.jobs;version="3.5.300.v20130429-1813";roots:="."
org.eclipse.jface.text.source_3.8.100.v20130515-1957.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jface.text.source_3.8.100.v20130515-1957.jar
MD5: 14E1E16858EE01C99272CDB86AA3BCC3
SHA1: BFF1EFE6BBE2032BA501E2B167D5642F21B8F188
Evidence
Source Name Value
file name org.eclipse.jface.text.source_3.8.100.v20130515-1957
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jface.text.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jface.text;version="3.8.100.v20130515-1957";roots:="."
org.eclipse.equinox.p2.director.app.source_1.0.300.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.director.app.source_1.0.300.v20130327-2119.jar
MD5: 7B716E7F8B98F6754AF758333E12B0DE
SHA1: 97E8EEDDA1300C03CF0F106A81E71235A7F14C79
Evidence
Source Name Value
file name org.eclipse.equinox.p2.director.app.source_1.0.300.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.director.app.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.director.app;version="1.0.300.v20130327-2119";roots:=".,ant_tasks/director-antsrc"
org.eclipse.e4.ui.css.swt.theme.source_0.9.100.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.css.swt.theme.source_0.9.100.v20130515-1857.jar
MD5: F3ACCCE4A27EFAF0A5ED4D28A92ECE86
SHA1: C04B0C40184A914F42468AE5192412CE030667C2
Evidence
Source Name Value
file name org.eclipse.e4.ui.css.swt.theme.source_0.9.100.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.css.swt.theme.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.css.swt.theme;version="0.9.100.v20130515-1857";roots:="."
org.eclipse.e4.ui.widgets.source_1.0.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.widgets.source_1.0.0.v20130515-1857.jar
MD5: 48974B6EE4D5E814E5B6534A9EB8A21F
SHA1: A12328FC8EE2639930161393C05491FCAAC1A3D7
Evidence
Source Name Value
file name org.eclipse.e4.ui.widgets.source_1.0.0.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.widgets.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.widgets;version="1.0.0.v20130515-1857";roots:="."
org.eclipse.jdt.debug.ui_3.6.200.v20130514-0841.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.debug.ui_3.6.200.v20130514-0841.jar
MD5: 1ED482618FE2B7A318333AA3483C0068
SHA1: F82C41DE7052058F1DC91FC6EBDCABFFA4CAF0A7
Evidence
Source Name Value
file name 3.6.200.v20130514
file name org.eclipse.jdt.debug.ui_3.6.200.v20130514-0841
file name org.eclipse.jdt.debug.ui_3.6.200.v20130514-0841
jar package debug
jar package eclipse
jar package internal
jar package jdt
jar package name debug
jar package name eclipse
jar package name jdt
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.jdt.debug.ui; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.6.200.v20130514-0841
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.debug.git;path="org.eclipse.jdt.debug.ui";tag="I20130514-0919";commitId=ffb75848c2bcb567f0059a43dfbc215fbc3be59a
Manifest require-bundle org.eclipse.ui.ide;bundle-version="[3.5.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.workbench.texteditor;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.editors;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.filebuffers;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.8.0,4.0.0)",org.eclipse.debug.ui;bundle-version="[3.8.0,4.0.0)",org.eclipse.jdt.debug;bundle-version="[3.7.100,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.7.0,4.0.0)",org.eclipse.jdt.ui;bundle-version="[3.8.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.ltk.core.refactoring;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.console;bundle-version="[3.4.0,4.0.0)",org.eclipse.jdt.core.manipulation;bundle-version="[1.3.0,2.0.0)",org.eclipse.search;bundle-version="[3.5.0,4.0.0)",com.ibm.icu,org.eclipse.ui.forms;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.resources,org.eclipse.debug.core;bundle-version="[3.6.0,4.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.pde.ua.core_1.0.300.v20130402-1757.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ua.core_1.0.300.v20130402-1757.jar
MD5: E9BC8990422E4C6DAED947B665F6D76C
SHA1: AA1591D4DD09703C374F3AD2106F846E7BAF705C
Evidence
Source Name Value
file name 1.0.300.v20130402
file name org.eclipse.pde.ua.core_1.0.300.v20130402-1757
file name org.eclipse.pde.ua.core_1.0.300.v20130402-1757
jar package eclipse
jar package internal
jar package pde
jar package ua
jar package name eclipse
jar package name pde
jar package name ua
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde.ua.core;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.300.v20130402-1757
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ua/org.eclipse.pde.ua.core";tag="I20130409-0800";commitId=2ca89ec9388f87c3a7139beb1594a2dd468ac92f
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)",org.eclipse.pde.core;bundle-version="[3.3.0,4.0.0)",org.eclipse.text;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.3.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ui.navigator.resources.source_3.4.500.v20130516-1049.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.navigator.resources.source_3.4.500.v20130516-1049.jar
MD5: 80CA40D1D510300731AC964618D7E3F5
SHA1: A62A88D15E52C0F0D77E859E524B16D552D6C68E
Evidence
Source Name Value
file name org.eclipse.ui.navigator.resources.source_3.4.500.v20130516-1049
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.navigator.resources.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.navigator.resources;version="3.4.500.v20130516-1049";roots:="."
org.eclipse.equinox.p2.ui.sdk_1.0.300.v20130503-1750.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.ui.sdk_1.0.300.v20130503-1750.jar
MD5: 17B9BC137995648103D906BB78373BBD
SHA1: CE85D4DFF9EED8A82AE592A23EA4F82C69B96665
Evidence
Source Name Value
file name 1.0.300.v20130503
file name org.eclipse.equinox.p2.ui.sdk_1.0.300.v20130503-1750
file name org.eclipse.equinox.p2.ui.sdk_1.0.300.v20130503-1750
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.ui.sdk;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.300.v20130503-1750
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.ui.sdk";tag="I20130503-1633";commitId=e813506a5b81b0d4ba9dcc6371d2ddb3ec940ed9
Manifest require-bundle org.eclipse.ui;bundle-version="3.6.0",org.eclipse.core.runtime,org.eclipse.equinox.p2.ui
Manifest service-component OSGI-INF/policy_component.xml, OSGI-INF/licenseManager_component.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.externaltools.source_1.0.200.v20130402-1741.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.externaltools.source_1.0.200.v20130402-1741.jar
MD5: D21FFD8F96B81818260421D78471AE06
SHA1: 586834FE5165F9DF8C3D55FAF8522168F96B15E2
Evidence
Source Name Value
file name org.eclipse.core.externaltools.source_1.0.200.v20130402-1741
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.externaltools.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.externaltools;version="1.0.200.v20130402-1741";roots:="."
org.eclipse.jdt.core_3.9.0.v20130604-1421.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.core_3.9.0.v20130604-1421.jar
MD5: 236021B345B6883F8A94A987D52FEB78
SHA1: FA45CB8B466299EF82F8F3B7C6634BDB57E7AD65
Evidence
Source Name Value
file name org.eclipse.jdt.core_3.9.0.v20130604-1421
jar package core
jar package eclipse
jar package internal
jar package jdt
jar package name core
jar package name eclipse
jar package name jdt
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.jdt.core; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.core.git;path="org.eclipse.jdt.core";tag="I20130604-2000";commitId=6fe9d61eea2c00b1cd723dbcfb2c6ce66bf0208b
Manifest require-bundle org.eclipse.core.resources;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.0.0,2.0.0)",org.eclipse.text;bundle-version="[3.1.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.1.0,4.0.0)";resolution:=optional
org.eclipse.ui.views.properties.tabbed_3.6.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.views.properties.tabbed_3.6.0.v20130515-1857.jar
MD5: AE89445548D4A37CC95DA33467533EFC
SHA1: 741B60673DC39778C25AF1E49C24BDDDC6D7228C
Evidence
Source Name Value
file name org.eclipse.ui.views.properties.tabbed_3.6.0.v20130515-1857
jar package eclipse
jar package internal
jar package ui
jar package views
jar package name eclipse
jar package name properties
jar package name ui
jar package name views
Manifest Bundle-Name %Plugin.name
Manifest bundle-requiredexecutionenvironment CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.ui.views.properties.tabbed;singleton:=true
Manifest Bundle-Vendor %Plugin.providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui.views.properties.tabbed";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.ui.forms;bundle-version="[3.3.0,4.0.0)";visibility:=reexport,org.eclipse.ui.views;bundle-version="[3.2.0,4.0.0)";visibility:=reexport,org.eclipse.ui;bundle-version="[3.3.0,4.0.0)";visibility:=reexport,org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)"
org.eclipse.ecf.ssl.source_1.1.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.ssl.source_1.1.0.v20130604-1622.jar
MD5: 9B5A136DF21B58FAF31B09B4398A2D4B
SHA1: 090060EE73BEF62DA8D6E95BEE4A4F14E37EBA3B
Evidence
Source Name Value
file name org.eclipse.ecf.ssl.source_1.1.0.v20130604-1622
Manifest Bundle-Name ECF SSL Fragment Source
Manifest bundle-symbolicname org.eclipse.ecf.ssl.source;singleton:=true
Manifest Bundle-Vendor Eclipse.org - ECF
Manifest eclipse-sourcebundle org.eclipse.ecf.ssl;version="1.1.0.v20130604-1622";roots="."
org.eclipse.e4.ui.workbench.renderers.swt_0.11.0.v20130603-1523.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.workbench.renderers.swt_0.11.0.v20130603-1523.jar
MD5: 28E977CCFC4586C20BEE90B8190DB985
SHA1: 8D61C37D902EC6EE894254D4D594A94CA6312D9F
Evidence
Source Name Value
file name org.eclipse.e4.ui.workbench.renderers.swt_0.11.0.v20130603-1523
jar package e4
jar package eclipse
jar package ui
jar package workbench
jar package name e4
jar package name eclipse
jar package name ui
jar package name workbench
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.workbench.renderers.swt;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.workbench.renderers.swt";tag="I20130603-2000";commitId=e1f01e0fd4d84d6deff84135cad3d7387d72dcc6
Manifest require-bundle org.eclipse.e4.ui.workbench;bundle-version="0.9.0",org.eclipse.e4.core.services;bundle-version="0.9.0",org.eclipse.e4.core.contexts;bundle-version="1.0.0",org.eclipse.e4.core.di;bundle-version="1.1.0",org.eclipse.e4.ui.services;bundle-version="0.9.0",org.eclipse.swt;bundle-version="[3.5.0,4.0.0)",org.eclipse.jface;bundle-version="[3.5.0,4.0.0)",org.eclipse.e4.ui.workbench.swt;bundle-version="0.9.0",org.eclipse.e4.ui.model.workbench;bundle-version="0.9.0",org.eclipse.osgi.services;bundle-version="[3.2.0,4.0.0)",org.eclipse.e4.core.commands;bundle-version="0.9.0",org.eclipse.e4.ui.bindings;bundle-version="0.9.0",org.eclipse.equinox.common;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.200,4.0.0)",org.eclipse.e4.ui.css.swt.theme;bundle-version="0.9.0",org.eclipse.e4.ui.css.core;bundle-version="0.9.0",org.eclipse.osgi;bundle-version="[3.6.0,4.0.0)",org.eclipse.e4.ui.di;bundle-version="0.9.0",org.eclipse.emf.ecore;bundle-version="2.7.0",org.eclipse.e4.ui.css.swt;bundle-version="0.11.0"
org.eclipse.ui.workbench.texteditor_3.8.100.v20130514-1533.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.workbench.texteditor_3.8.100.v20130514-1533.jar
MD5: 57D2C5EF97257EAB4EE4A22389840CDB
SHA1: 470A8E4938F402121F323FBF6FEB3B7A7796B682
Evidence
Source Name Value
file name 3.8.100.v20130514
file name org.eclipse.ui.workbench.texteditor_3.8.100.v20130514-1533
file name org.eclipse.ui.workbench.texteditor_3.8.100.v20130514-1533
jar package eclipse
jar package texteditor
jar package ui
jar package name eclipse
jar package name texteditor
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.workbench.texteditor; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.8.100.v20130514-1533
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.text.git;path="org.eclipse.ui.workbench.texteditor";tag="I20130514-1303";commitId=fb9bbaa3c39f88a9e0e5f64d3c4800a01d3573b4
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.compare.core;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.100,4.0.0)",org.eclipse.jface.text;bundle-version="[3.8.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.p2.directorywatcher.source_1.0.300.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.directorywatcher.source_1.0.300.v20130327-2119.jar
MD5: 622A71BE063E685C548AA43C5AAD0F9B
SHA1: 1DCD8E1B8E187E08581AAE1454B05A45F8E62A72
Evidence
Source Name Value
file name org.eclipse.equinox.p2.directorywatcher.source_1.0.300.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.directorywatcher.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.directorywatcher;version="1.0.300.v20130327-2119";roots:="."
org.eclipse.help.base.source_4.0.0.v20130605-2000.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.help.base.source_4.0.0.v20130605-2000.jar
MD5: A6A21E21C7F53186E202EACF99A1D8A5
SHA1: D117919F1A29AEB7EB40B5BE7FD8EA8C56E4AB4F
Evidence
Source Name Value
file name org.eclipse.help.base.source_4.0.0.v20130605-2000
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.help.base.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.help.base;version="4.0.0.v20130605-2000";roots:="ant_tasks/helpbase-antsrc,."
org.eclipse.ui.views.log_1.0.400.v20130515-2009.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.views.log_1.0.400.v20130515-2009.jar
MD5: D36226D299F431E411667530F2E0A5E9
SHA1: 2F16667EDC553F8A3DBA3FF6BDB93CD05838A0A8
Evidence
Source Name Value
file name 1.0.400.v20130515
file name org.eclipse.ui.views.log_1.0.400.v20130515-2009
file name org.eclipse.ui.views.log_1.0.400.v20130515-2009
jar package eclipse
jar package internal
jar package ui
jar package views
jar package name eclipse
jar package name ui
jar package name views
Manifest Bundle-Name %name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.views.log;singleton:=true
Manifest Bundle-Vendor %provider-name
Manifest Bundle-Version 1.0.400.v20130515-2009
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ui/org.eclipse.ui.views.log";tag="I20130515-2000";commitId=b5c7f8cc76983f4bf3167f59dcd49bb1aada94fc
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.1.0,2.0.0)";resolution:=optional,org.eclipse.ui;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui.ide;bundle-version="[3.3.0,4.0.0)";resolution:=optional
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.jdt.compiler.apt_1.0.600.v20130530-1010.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.compiler.apt_1.0.600.v20130530-1010.jar
MD5: CC310D87637687D63B7F07FDB3B8DF6F
SHA1: A4F63E09AC319965DCFF414E72D46D6813064A68
Evidence
Source Name Value
file name 1.0.600.v20130530
file name org.eclipse.jdt.compiler.apt_1.0.600.v20130530-1010
file name org.eclipse.jdt.compiler.apt_1.0.600.v20130530-1010
jar package compiler
jar package eclipse
jar package internal
jar package jdt
jar package name compiler
jar package name eclipse
jar package name jdt
Manifest Bundle-Name %fragmentName
Manifest bundle-requiredexecutionenvironment JavaSE-1.6
Manifest bundle-symbolicname org.eclipse.jdt.compiler.apt;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.600.v20130530-1010
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.core.git;path="org.eclipse.jdt.compiler.apt";tag="I20130530-1430";commitId=760ef9b34243875ff06c163b177d17f0c77d9df3
Manifest fragment-host org.eclipse.jdt.core;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.commands.source_3.6.100.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.commands.source_3.6.100.v20130515-1857.jar
MD5: 91CED1285C23B864BFF27663E780E9C7
SHA1: 64F73FE83F2CE2710D2952DD000B07D3AA6BAADC
Evidence
Source Name Value
file name org.eclipse.core.commands.source_3.6.100.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.commands.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.commands;version="3.6.100.v20130515-1857";roots:="."
org.eclipse.pde.runtime.source_3.4.400.v20130402-1757.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.runtime.source_3.4.400.v20130402-1757.jar
MD5: D835A7FB857D87CF85008EDE2E5E2893
SHA1: BB8A0E9893EFADEF69F0573480C8B2739535E3B5
Evidence
Source Name Value
file name org.eclipse.pde.runtime.source_3.4.400.v20130402-1757
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.runtime.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.runtime;version="3.4.400.v20130402-1757";roots:="."
org.eclipse.equinox.p2.ui.sdk.source_1.0.300.v20130503-1750.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.ui.sdk.source_1.0.300.v20130503-1750.jar
MD5: 4C5B29ACA187C2B9B5A521528A293352
SHA1: 325EE0699B9B3444DA128F999C560792F03E8399
Evidence
Source Name Value
file name org.eclipse.equinox.p2.ui.sdk.source_1.0.300.v20130503-1750
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.ui.sdk.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.ui.sdk;version="1.0.300.v20130503-1750";roots:="."
org.eclipse.equinox.p2.metadata_2.2.0.v20130523-1557.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.metadata_2.2.0.v20130523-1557.jar
MD5: 80D4BC3F9CA6F554711135279B967552
SHA1: 9FE26F405C09C5DB99668AF066A5C3B430C8A772
Evidence
Source Name Value
file name 2.2.0.v20130523
file name org.eclipse.equinox.p2.metadata_2.2.0.v20130523-1557
file name org.eclipse.equinox.p2.metadata_2.2.0.v20130523-1557
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name metadata
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.p2.metadata;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 2.2.0.v20130523-1557
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.metadata";tag="I20130523-1400";commitId=7998ef5c4036704351f25dbbd19ddc1fc7e1438c
Manifest require-bundle org.eclipse.equinox.common,org.eclipse.equinox.p2.core;bundle-version="[2.0.0,3.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.ui.workbench_1.0.0.v20130531-1444.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.workbench_1.0.0.v20130531-1444.jar
MD5: 96334ABB98ACBEDB0190508A69D9A32F
SHA1: EF65C75072D1139454B971E7B69E5413D45D36AE
Evidence
Source Name Value
file name org.eclipse.e4.ui.workbench_1.0.0.v20130531-1444
jar package e4
jar package eclipse
jar package internal
jar package ui
jar package name e4
jar package name eclipse
jar package name ui
jar package name workbench
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.workbench;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.workbench";tag="I20130531-2000";commitId=3adee5f0b48229306924586d938bf2708c2dd904
Manifest require-bundle org.eclipse.e4.ui.model.workbench;bundle-version="1.0.0",org.eclipse.equinox.common;bundle-version="[3.4.0,4.0.0)",org.eclipse.osgi;bundle-version="[3.4.0,4.0.0)",org.eclipse.e4.ui.services;bundle-version="0.9.0",org.eclipse.equinox.registry;bundle-version="[3.4.0,4.0.0)",org.eclipse.e4.core.services;bundle-version="0.9.0",org.eclipse.e4.core.contexts;bundle-version="1.0.0",org.eclipse.e4.core.di;bundle-version="1.1.0",org.eclipse.core.jobs;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.commands;bundle-version="[3.5.0,4.0.0)",org.eclipse.osgi.services;bundle-version="[3.2.0,4.0.0)",org.eclipse.e4.core.commands;bundle-version="0.9.0",org.eclipse.emf.ecore.change;bundle-version="2.5.0",org.eclipse.core.expressions;bundle-version="[3.4.200,4.0.0)",org.eclipse.e4.ui.di;bundle-version="0.9.0",org.eclipse.emf.ecore.xmi;bundle-version="2.7.0"
Manifest service-component OSGI-INF/progress.xml, OSGI-INF/partService.xml
org.eclipse.team.cvs.ssh2.source_3.2.300.v20111007-1310.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.team.cvs.ssh2.source_3.2.300.v20111007-1310.jar
MD5: C8CC04E7939D7D8E7543804A4A6EFAB6
SHA1: 5D7C89F289A9EBE0807A71B9844CAA0D43A67CDF
Evidence
Source Name Value
file name 3.2.300.v20111007
file name org.eclipse.team.cvs.ssh2.source_3.2.300.v20111007-1310
file name org.eclipse.team.cvs.ssh2.source_3.2.300.v20111007-1310
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.team.cvs.ssh2.source
Manifest Bundle-Vendor %bundleVendor
Manifest Bundle-Version 3.2.300.v20111007-1310
Manifest eclipse-sourcebundle org.eclipse.team.cvs.ssh2;version="3.2.300.v20111007-1310";roots:="."
org.eclipse.e4.ui.workbench.swt.source_0.12.0.v20130517-0139.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.workbench.swt.source_0.12.0.v20130517-0139.jar
MD5: 5EB369D0952D2E8961F663C799256078
SHA1: A527C224D1AA247BACD97A65DC8E7A0739209CC5
Evidence
Source Name Value
file name org.eclipse.e4.ui.workbench.swt.source_0.12.0.v20130517-0139
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.workbench.swt.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.workbench.swt;version="0.12.0.v20130517-0139";roots:="."
org.eclipse.pde.ua.ui.source_1.0.300.v20130508-1926.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ua.ui.source_1.0.300.v20130508-1926.jar
MD5: 9A7025B99496DF4775A435C735A2BF1F
SHA1: 5ED3FC4090673E4C8324A0EA7EE2AD33FCFAF648
Evidence
Source Name Value
file name org.eclipse.pde.ua.ui.source_1.0.300.v20130508-1926
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.ua.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.ua.ui;version="1.0.300.v20130508-1926";roots:="."
org.eclipse.text.source_3.5.300.v20130515-1451.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.text.source_3.5.300.v20130515-1451.jar
MD5: 2A0C233F34E86198AF70471C0EE74AD7
SHA1: EFEB34E19EA6EC6477196257F89CDB564406B0FA
Evidence
Source Name Value
file name org.eclipse.text.source_3.5.300.v20130515-1451
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.text.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.text;version="3.5.300.v20130515-1451";roots:="."
org.eclipse.ecf.filetransfer.source_5.0.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.filetransfer.source_5.0.0.v20130604-1622.jar
MD5: D6FC2E9CD1CE20FCD451C058EE0F1978
SHA1: 2701B2399F51F546BC30D1F35639D66F486FE398
Evidence
Source Name Value
file name org.eclipse.ecf.filetransfer.source_5.0.0.v20130604-1622
Manifest Bundle-Name ECF Filetransfer API Source
Manifest bundle-symbolicname org.eclipse.ecf.filetransfer.source;singleton:=true
Manifest Bundle-Vendor Eclipse.org - ECF
Manifest eclipse-sourcebundle org.eclipse.ecf.filetransfer;version="5.0.0.v20130604-1622";roots="."
pdebuild.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/pdebuild.jar
MD5: 38AFEFA1A1DEDDB1D449928EEAF62A47
SHA1: B5A35BA0A000C6BA3F97EED31B053811B128143D
Evidence
Source Name Value
file name pdebuild
jar package build
jar package eclipse
jar package internal
jar package pde
org.eclipse.pde.ua.core.source_1.0.300.v20130402-1757.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ua.core.source_1.0.300.v20130402-1757.jar
MD5: AC1C57EE37DC4993601760BBFEA8CD7E
SHA1: 29809C25D17713D1E08385D7DC086DD848308283
Evidence
Source Name Value
file name org.eclipse.pde.ua.core.source_1.0.300.v20130402-1757
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.ua.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.ua.core;version="1.0.300.v20130402-1757";roots:="."
org.eclipse.compare.core.source_3.5.300.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.compare.core.source_3.5.300.v20130514-1224.jar
MD5: D63FBA8117FAC7672D65334C3FE9242A
SHA1: 5E4565B90ACA34EC5751A4764C34E28005A22191
Evidence
Source Name Value
file name org.eclipse.compare.core.source_3.5.300.v20130514-1224
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.compare.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.compare.core;version="3.5.300.v20130514-1224";roots:="."
org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20130516-1953.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20130516-1953.jar
MD5: 3EBF0F2D8A40B215E381B2F87B776280
SHA1: 6CFB633C1ECE167119829F00B930F9A068EE6ED0
Evidence
Source Name Value
file name 1.1.200.v20130516
file name org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20130516-1953
file name org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20130516-1953
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
jar package name publisher
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.p2.publisher.eclipse;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.200.v20130516-1953
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.publisher.eclipse";tag="I20130516-1600";commitId=6632465a3e69d810e75a13e41a6000a3bcd41234
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.core.commands.source_0.10.2.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.core.commands.source_0.10.2.v20130515-1857.jar
MD5: 0E3EC146476F990D41EC08DA7D020DC7
SHA1: 26C01ADB8B42E932FB58C60CC2A00AF67CE0869E
Evidence
Source Name Value
file name org.eclipse.e4.core.commands.source_0.10.2.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.core.commands.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.core.commands;version="0.10.2.v20130515-1857";roots:="."
org.eclipse.e4.ui.bindings.source_0.10.100.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.bindings.source_0.10.100.v20130515-1857.jar
MD5: A0B7EDDD3D713E10C7A75AF5A01610C7
SHA1: B56C6B959D22B1D0BA54E862450B785FCC1BAF03
Evidence
Source Name Value
file name org.eclipse.e4.ui.bindings.source_0.10.100.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.bindings.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.bindings;version="0.10.100.v20130515-1857";roots:="."
org.eclipse.ui.source_3.105.0.v20130522-1122.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.source_3.105.0.v20130522-1122.jar
MD5: 7803E0997929DFA3825ADA9D71C65C86
SHA1: 1ABF8979F929B4DF5049FD80C46614BDB9E215E7
Evidence
Source Name Value
file name org.eclipse.ui.source_3.105.0.v20130522-1122
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui;version="3.105.0.v20130522-1122";roots:="."
org.eclipse.e4.ui.workbench.renderers.swt.source_0.11.0.v20130603-1523.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.workbench.renderers.swt.source_0.11.0.v20130603-1523.jar
MD5: 8D5D096E6CB1678DE8F4124709C54CFC
SHA1: 8335229134CAF29C030A42876D8D6E3B22302D45
Evidence
Source Name Value
file name org.eclipse.e4.ui.workbench.renderers.swt.source_0.11.0.v20130603-1523
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.workbench.renderers.swt.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.workbench.renderers.swt;version="0.11.0.v20130603-1523";roots:="."
org.eclipse.ant.core_3.2.500.v20130402-1746.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ant.core_3.2.500.v20130402-1746.jar
MD5: 85A0D013C50BA758312592EDD02F787C
SHA1: D56D2B786D4C1BEE916F2F91EBC9EAB48D72790A
Evidence
Source Name Value
file name 3.2.500.v20130402
file name org.eclipse.ant.core_3.2.500.v20130402-1746
file name org.eclipse.ant.core_3.2.500.v20130402-1746
jar package ant
jar package core
jar package eclipse
jar package name ant
jar package name core
jar package name eclipse
jar package name internal
Manifest bundle-activationpolicy lazy;exclude:="org.eclipse.ant.internal.core.contentDescriber"
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ant.core; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.2.500.v20130402-1746
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.git;path="ant/org.eclipse.ant.core";tag="I20130403-1027";commitId=ff3ef32d549cd0dfdcf6422028ecb54f254aac90
Manifest require-bundle org.eclipse.core.variables;bundle-version="[3.1.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.preferences.source_3.5.100.v20130422-1538.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.preferences.source_3.5.100.v20130422-1538.jar
MD5: 25FBE91EF5ECEC001C0B141BF9E1DE2C
SHA1: A335F2C0ABFA148BC2851BBC837CA6C5BDAF4B96
Evidence
Source Name Value
file name org.eclipse.equinox.preferences.source_3.5.100.v20130422-1538
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.preferences.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.preferences;version="3.5.100.v20130422-1538";roots:="."
org.eclipse.equinox.p2.garbagecollector_1.0.200.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.garbagecollector_1.0.200.v20130327-2119.jar
MD5: F1C84F20D41E89C682C1853F92EDE4F2
SHA1: A9EFA603659A63CBC5A2C3988980437DAE879112
Evidence
Source Name Value
file name 1.0.200.v20130327
file name org.eclipse.equinox.p2.garbagecollector_1.0.200.v20130327-2119
file name org.eclipse.equinox.p2.garbagecollector_1.0.200.v20130327-2119
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.garbagecollector;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.200.v20130327-2119
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.garbagecollector";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest require-bundle org.eclipse.equinox.p2.engine,org.eclipse.equinox.registry;bundle-version="[3.4.0,4.0.0)"
Manifest service-component OSGI-INF/garbagecollector.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.junit.runtime_3.4.400.v20130514-0733.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.junit.runtime_3.4.400.v20130514-0733.jar
MD5: 050A422B57452D178F7D9FA6BBAB5CEB
SHA1: 503B625C0E78F46DC34BF028A4E97B01CFAFBED9
Evidence
Source Name Value
file name 3.4.400.v20130514
file name org.eclipse.jdt.junit.runtime_3.4.400.v20130514-0733
file name org.eclipse.jdt.junit.runtime_3.4.400.v20130514-0733
jar package eclipse
jar package internal
jar package jdt
jar package junit
jar package name eclipse
jar package name jdt
jar package name junit
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.jdt.junit.runtime;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.4.400.v20130514-0733
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.ui.git;path="org.eclipse.jdt.junit.runtime";tag="I20130514-1303";commitId=6684836879074aa2329095fd2a49259bd18e304d
Manifest require-bundle org.junit;bundle-version="3.8.2"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.apt.ui_3.3.300.v20120516-0617.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.apt.ui_3.3.300.v20120516-0617.jar
MD5: 83C94AB85EF3119BCCECEA256CA24C70
SHA1: 1A54F999D768C7806C987FB0A7B5F409B308F602
Evidence
Source Name Value
file name org.eclipse.jdt.apt.ui_3.3.300.v20120516-0617
jar package apt
jar package eclipse
jar package jdt
jar package ui
jar package name apt
jar package name eclipse
jar package name jdt
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.jdt.apt.ui; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.core.git;path="org.eclipse.jdt.apt.ui";tag="I20130402-0800";commitId=bc9a11699cfbb4d0ab3f4f2c216c8bcec79f0c3b
Manifest require-bundle org.eclipse.jdt.apt.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.ui;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.2.0,4.0.0)"
org.eclipse.jdt.annotation.source_1.1.0.v20130513-1648.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.annotation.source_1.1.0.v20130513-1648.jar
MD5: 18C5C5D036E2EF3E3C4EA80AB9C11274
SHA1: CD4B25D606DC266B63E178BB88F8E925E17890E9
Evidence
Source Name Value
file name org.eclipse.jdt.annotation.source_1.1.0.v20130513-1648
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.annotation.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.annotation;version="1.1.0.v20130513-1648";roots:="."
org.eclipse.team.cvs.ui_3.3.600.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.team.cvs.ui_3.3.600.v20130514-1224.jar
MD5: 63F2F27F6882DA0B66B02CE7E980A037
SHA1: DF40B35D80345DE3848BB5C982A0299CDCB21A55
Evidence
Source Name Value
file name 3.3.600.v20130514
file name org.eclipse.team.cvs.ui_3.3.600.v20130514-1224
file name org.eclipse.team.cvs.ui_3.3.600.v20130514-1224
jar package ccvs
jar package eclipse
jar package internal
jar package team
jar package name eclipse
jar package name team
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.team.cvs.ui; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.3.600.v20130514-1224
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.team.cvs.ui";tag="I20130514-0919";commitId=a293d95118c40d93026a747f8d9bd4e609352a91
Manifest require-bundle org.eclipse.ui.ide;bundle-version="[3.3.0,4.0.0)";resolution:=optional,org.eclipse.ui.views;bundle-version="[3.2.0,4.0.0)";resolution:=optional,org.eclipse.jface.text;bundle-version="[3.4.0,4.0.0)";resolution:=optional,org.eclipse.ui.workbench.texteditor;bundle-version="[3.3.0,4.0.0)";resolution:=optional,org.eclipse.ui.editors;bundle-version="[3.3.0,4.0.0)";resolution:=optional,org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.console;bundle-version="[3.2.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.3.0,4.0.0)",org.eclipse.team.ui;bundle-version="[3.3.0,4.0.0)",org.eclipse.team.cvs.core;bundle-version="[3.3.0,4.0.0)",org.eclipse.compare;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui.navigator;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.2.0,4.0.0)",com.ibm.icu;bundle-version="4.4.2"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.equinox.common.source_3.6.200.v20130402-1505.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.common.source_3.6.200.v20130402-1505.jar
MD5: 0677F03D56AE960CB8C3FDC89DE4D3B0
SHA1: 535D61655DE849617E3889DDA4B77C55D3FB5343
Evidence
Source Name Value
file name org.eclipse.equinox.common.source_3.6.200.v20130402-1505
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.common.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.common;version="3.6.200.v20130402-1505";roots:="."
org.eclipse.pde.ds.core.source_1.0.300.v20130514-1232.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ds.core.source_1.0.300.v20130514-1232.jar
MD5: D7D97569D22B8C2FD3927AD228E57E46
SHA1: BFEE734F912116C9CEBC6A172BCE69AAFDB40D21
Evidence
Source Name Value
file name org.eclipse.pde.ds.core.source_1.0.300.v20130514-1232
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.ds.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.ds.core;version="1.0.300.v20130514-1232";roots:="."
org.eclipse.jdt.ui_3.9.0.v20130605-1748.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.ui_3.9.0.v20130605-1748.jar
MD5: 86299548B4383FFCC4D07A8124EFEE28
SHA1: DD3E9C9D4CF57A13545C3E0B5F45DD6388FE8503
Evidence
Source Name Value
file name 3.9.0.v20130605
file name org.eclipse.jdt.ui_3.9.0.v20130605-1748
file name org.eclipse.jdt.ui_3.9.0.v20130605-1748
jar package eclipse
jar package internal
jar package jdt
jar package ui
jar package name eclipse
jar package name jdt
jar package name refactoring
jar package name search
jar package name text
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.jdt.ui; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.9.0.v20130605-1748
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.ui.git;path="org.eclipse.jdt.ui";tag="I20130605-2000";commitId=b1685b025876ed72aedfc8c7af59129b19055e7d
Manifest require-bundle org.eclipse.help;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.100,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.2.0,2.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.2.200,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.9.0,4.0.0)",org.eclipse.search;bundle-version="[3.7.0,4.0.0)",org.eclipse.debug.core;bundle-version="[3.5.0,4.0.0)",org.eclipse.debug.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.6.100,4.0.0)",org.eclipse.compare;bundle-version="[3.5.0,4.0.0)",org.eclipse.team.ui;bundle-version="[3.4.100,4.0.0)",org.eclipse.team.core;bundle-version="[3.4.100,4.0.0)",org.eclipse.jface;bundle-version="[3.9.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.8.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.console;bundle-version="[3.4.0,4.0.0)",org.eclipse.ui.workbench.texteditor;bundle-version="[3.8.0,4.0.0)",org.eclipse.ui.ide;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.views;bundle-version="[3.3.100,4.0.0)",org.eclipse.ui.editors;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.7.0,4.0.0)",org.eclipse.ltk.core.refactoring;bundle-version="[3.5.0,4.0.0)",org.eclipse.ltk.ui.refactoring;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.4.0,4.0.0)",org.eclipse.ui.navigator;bundle-version="[3.3.200,4.0.0)",org.eclipse.ui.navigator.resources;bundle-version="[3.4.0,4.0.0)",org.eclipse.jdt.core.manipulation;bundle-version="[1.4.0,2.0.0)",com.ibm.icu;bundle-version="4.4.2",org.eclipse.equinox.bidi;bundle-version="[0.10.0,2.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.team.ui_3.7.0.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.team.ui_3.7.0.v20130514-1224.jar
MD5: 8BC7564ACC77211259DE49E8048F8679
SHA1: 8B4601D0BBF66C862E21A8C2B76ACDB7D54CDDC3
Evidence
Source Name Value
file name 3.7.0.v20130514
file name org.eclipse.team.ui_3.7.0.v20130514-1224
file name org.eclipse.team.ui_3.7.0.v20130514-1224
jar package eclipse
jar package internal
jar package team
jar package ui
jar package name eclipse
jar package name team
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.team.ui; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.7.0.v20130514-1224
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.team.ui";tag="I20130514-0919";commitId=a293d95118c40d93026a747f8d9bd4e609352a91
Manifest require-bundle org.eclipse.ui.ide;bundle-version="[3.3.0,4.0.0)";resolution:=optional,org.eclipse.core.resources;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.6.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.compare;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui.navigator;bundle-version="[3.3.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui.editors;bundle-version="[3.3.0,4.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20130327-2119.jar
MD5: 278DF0CC0A24A5F24F9C24DA1D695062
SHA1: FD13A0E5DBFBD81529D18B7675F8370139EB3195
Evidence
Source Name Value
file name 1.0.500.v20130327
file name org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20130327-2119
file name org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20130327-2119
jar package eclipse
jar package equinox
jar package frameworkadmin
jar package internal
jar package name eclipse
jar package name equinox
jar package name frameworkadmin
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.equinox.frameworkadmin.equinox;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.500.v20130327-2119
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.frameworkadmin.equinox";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest service-component OSGI-INF/fwadmin.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.core.source_3.9.0.v20130604-1421.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.core.source_3.9.0.v20130604-1421.jar
MD5: E238C46F5CBCC29EAE0E9069883504E7
SHA1: AA99DB18D6A639AB75337F1C32F3DE8FC039B278
Evidence
Source Name Value
file name org.eclipse.jdt.core.source_3.9.0.v20130604-1421
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.core;version="3.9.0.v20130604-1421";roots:="jdtCompilerAdaptersrc,."
platform.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/platform.jar
MD5: 7F57BA21D2F1BD97A8F7B7E7F32629D5
SHA1: EEA65C5C7168ACEF19E8AA9B811392861C2965A2
Evidence
Source Name Value
file name platform
jar package eclipse
jar package internal
jar package platform
org.eclipse.pde.ds.core_1.0.300.v20130514-1232.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ds.core_1.0.300.v20130514-1232.jar
MD5: 830CD10FC24F5983E431DB26CAA71BDD
SHA1: 8A70BEDED2BCAAF7B6418D758ECF6438582FA442
Evidence
Source Name Value
file name org.eclipse.pde.ds.core_1.0.300.v20130514-1232
jar package ds
jar package eclipse
jar package internal
jar package pde
jar package name ds
jar package name eclipse
jar package name pde
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde.ds.core;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ds/org.eclipse.pde.ds.core";tag="I20130514-2000";commitId=c5c8edf8a63493ed3cbb27c51267e5ea05f19bac
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.filebuffers;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.3.0,4.0.0)",org.eclipse.pde.core;bundle-version="[3.3.0,4.0.0)",org.eclipse.text;bundle-version="[3.3.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.4.0,4.0.0)"
org.eclipse.osgi_3.9.0.v20130529-1710.jar
Description: %systemBundle
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.osgi_3.9.0.v20130529-1710.jar
MD5: DF706681DCE92B8550DD6CFB8128D193
SHA1: E2DDBF432B043FF1627BC354F8DF810B9F18C3FB
Evidence
Source Name Value
file name 3.9.0.v20130529
file name org.eclipse.osgi_3.9.0.v20130529-1710
file name org.eclipse.osgi_3.9.0.v20130529-1710
jar package eclipse
jar package internal
jar package osgi
jar package name bundle
jar package name debug
jar package name eclipse
jar package name equinox
jar package name framework
jar package name osgi
jar package name packageadmin
jar package name permissionadmin
jar package name service
jar package name startlevel
Manifest bundle-copyright %copyright
Manifest bundle-docurl http://www.eclipse.org
Manifest Bundle-Name %systemBundle
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.osgi; singleton:=true
Manifest Bundle-Vendor %eclipse.org
Manifest Bundle-Version 3.9.0.v20130529-1710
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.framework.git;path="bundles/org.eclipse.osgi";tag="I20130529-2000";commitId=be05c94424e00a3170d61f22e51de7d6d55e923c
Manifest export-service org.osgi.service.packageadmin.PackageAdmin,org.osgi.service.permissionadmin.PermissionAdmin,org.osgi.service.startlevel.StartLevel,org.eclipse.osgi.service.debug.DebugOptions
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.p2.ql_2.0.100.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.ql_2.0.100.v20130327-2119.jar
MD5: AFFA6C2FC25AA04DC2411D477F3C4739
SHA1: A8CF9D4717A07085E713A2B7C428EBE05B720276
Evidence
Source Name Value
file name 2.0.100.v20130327
file name org.eclipse.equinox.p2.ql_2.0.100.v20130327-2119
file name org.eclipse.equinox.p2.ql_2.0.100.v20130327-2119
jar package eclipse
jar package equinox
jar package p2
jar package ql
jar package name eclipse
jar package name equinox
jar package name p2
jar package name ql
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.ql;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 2.0.100.v20130327-2119
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.ql";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest require-bundle org.eclipse.equinox.common;bundle-version="3.5.1"
Related Dependencies
org.eclipse.equinox.frameworkadmin_2.0.100.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.frameworkadmin_2.0.100.v20130327-2119.jar
SHA1: 65C311999A05F902A21666BD0BDF080FF0D73CFF
MD5: B8875AFB64D4697775E177675138F291
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.pde.launching.source_3.6.100.v20130507-2111.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.launching.source_3.6.100.v20130507-2111.jar
MD5: 0EB445017195104395DB9EFE213B458D
SHA1: 78BF7D297401B113B517EA8E3A32274EC37B64E6
Evidence
Source Name Value
file name org.eclipse.pde.launching.source_3.6.100.v20130507-2111
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.launching.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.launching;version="3.6.100.v20130507-2111";roots:="."
org.eclipse.emf.ecore_2.9.0.v20130528-0742.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.emf.ecore_2.9.0.v20130528-0742.jar
MD5: D9510440713290BFE5B9B32CEDA47B95
SHA1: 3C9BCE034C6EB180183D2F88CDCDCB7FCBC52B44
Evidence
Source Name Value
file name org.eclipse.emf.ecore_2.9.0.v20130528-0742
jar package eclipse
jar package ecore
jar package emf
jar package name eclipse
jar package name ecore
jar package name emf
jar package name plugin
jar package name resource
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.emf.ecore; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.emf.common;visibility:="reexport";bundle-version="[2.9.0,3.0.0)",org.eclipse.core.resources;resolution:="optional";bundle-version="[3.5.0,4.0.0)"
org.eclipse.e4.ui.workbench.swt_0.12.0.v20130517-0139.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.workbench.swt_0.12.0.v20130517-0139.jar
MD5: 6E4C1C3DD535D9D3838A54A74E209BB2
SHA1: 5C319AA37B0B7BBD1F8A17C30D170921B9EE3A1A
Evidence
Source Name Value
file name org.eclipse.e4.ui.workbench.swt_0.12.0.v20130517-0139
jar package e4
jar package eclipse
jar package internal
jar package ui
jar package name e4
jar package name eclipse
jar package name ui
jar package name workbench
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.workbench.swt;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.workbench.swt";tag="I20130516-2200";commitId=f3a281531ddf2aa81af4f270c14c5f18ac7b8729
Manifest require-bundle org.eclipse.equinox.registry;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.app;bundle-version="[1.3.0,2.0.0)",org.eclipse.e4.ui.workbench;bundle-version="0.10.0",org.eclipse.e4.core.services;bundle-version="1.0.0",org.eclipse.e4.ui.services;bundle-version="0.1.0",org.eclipse.jface;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.databinding;bundle-version="[1.2.0,2.0.0)",org.eclipse.jface.databinding;bundle-version="[1.3.0,2.0.0)",org.eclipse.e4.ui.css.core;bundle-version="0.9.0",org.eclipse.e4.ui.css.swt;bundle-version="0.9.0",org.w3c.css.sac;bundle-version="1.3.0",org.eclipse.osgi.services;bundle-version="[3.2.0,4.0.0)",org.eclipse.e4.ui.bindings;bundle-version="0.9.0",org.eclipse.e4.core.contexts;bundle-version="1.0.0",org.eclipse.e4.ui.workbench3;bundle-version="0.11.0",org.eclipse.core.jobs;bundle-version="[3.5.0,4.0.0)",org.eclipse.e4.core.di;bundle-version="1.1.0",org.eclipse.e4.ui.css.swt.theme;bundle-version="0.9.0",org.eclipse.core.expressions;bundle-version="[3.4.200,4.0.0)",org.eclipse.osgi;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.e4.core.commands;bundle-version="0.9.0",org.eclipse.e4.ui.widgets;bundle-version="0.11.0",org.eclipse.e4.ui.di;bundle-version="0.9.0",org.eclipse.equinox.ds,org.eclipse.equinox.event,org.eclipse.emf.ecore.xmi;bundle-version="2.7.0",org.eclipse.e4.ui.model.workbench;bundle-version="1.0.0"
Manifest service-component OSGI-INF/testableobject.xml, OSGI-INF/statusreporter.xml,OSGI-INF/menuservice.xml
org.eclipse.team.ui.source_3.7.0.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.team.ui.source_3.7.0.v20130514-1224.jar
MD5: DDC986CE447220C5C35A070808D5A4A4
SHA1: F57C1A4F0B9E577BF532D1ACA0B04AD1D06B4721
Evidence
Source Name Value
file name org.eclipse.team.ui.source_3.7.0.v20130514-1224
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.team.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.team.ui;version="3.7.0.v20130514-1224";roots:="."
org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.concurrent_1.1.0.v20130327-1442.jar
MD5: 4A3EE6F029ACEFF2E0C2FB0015E1FB84
SHA1: F828D978E30D30A4E9E5F9946F9D977BD7A521CA
Evidence
Source Name Value
file name 1.1.0.v20130327
file name org.eclipse.equinox.concurrent_1.1.0.v20130327-1442
file name org.eclipse.equinox.concurrent_1.1.0.v20130327-1442
jar package concurrent
jar package eclipse
jar package equinox
jar package future
jar package name concurrent
jar package name eclipse
jar package name equinox
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.concurrent
Manifest Bundle-Vendor %pluginProvider
Manifest Bundle-Version 1.1.0.v20130327-1442
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.concurrent";tag="I20130402-0800";commitId=452e0c8dae5a52ad9bb97e073caa16b40c3c1eee
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt_3.9.0.v20130605-2000.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt_3.9.0.v20130605-2000.jar
MD5: BD927F29468B09C63650014756621ADA
SHA1: AA010A2E2F087510F930CFADE3FC51CB5CEC0D26
Evidence
Source Name Value
file name 3.9.0.v20130605
file name org.eclipse.jdt_3.9.0.v20130605-2000
file name org.eclipse.jdt_3.9.0.v20130605-2000
Manifest Bundle-Name %pluginName
Manifest bundle-symbolicname org.eclipse.jdt; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.9.0.v20130605-2000
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.git;path="org.eclipse.jdt";tag="I20130507-1100";commitId=4b293f2d40d1bd70eb8e2fb764896840dfc7e60f
Manifest require-bundle org.eclipse.ui.intro;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui.cheatsheets;bundle-version="[3.2.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.ui.di.source_1.0.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.di.source_1.0.0.v20130515-1857.jar
MD5: 0AA35A792D88FE1A833400E37896F577
SHA1: BFF8FE8D22485F9874FE5E80CE6F590D0F3C0A20
Evidence
Source Name Value
file name org.eclipse.e4.ui.di.source_1.0.0.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.di.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.di;version="1.0.0.v20130515-1857";roots:="."
org.eclipse.equinox.p2.ui_2.3.0.v20130528-2154.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.ui_2.3.0.v20130528-2154.jar
MD5: 727A122B1A625ED436A910A75809174E
SHA1: D9848E6587A03BEB16851449558A3D1CD5BD7238
Evidence
Source Name Value
file name org.eclipse.equinox.p2.ui_2.3.0.v20130528-2154
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
jar package name ui
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.ui;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.ui";tag="I20130528-2000";commitId=8567e6661cad2d94bdb7debf1678ffb73277db2b
Manifest require-bundle org.eclipse.ui;bundle-version="3.6.0",org.eclipse.core.runtime,org.eclipse.core.expressions,org.eclipse.equinox.security.ui;bundle-version="[1.0.0,2.0.0)"
Manifest service-component OSGI-INF/repositoryTracker_component.xml, OSGI-INF/serviceui.xml
org.eclipse.equinox.simpleconfigurator.manipulator.source_2.0.0.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.simpleconfigurator.manipulator.source_2.0.0.v20130327-2119.jar
MD5: 6CF9ED82792A6C670BBEB5D2ABF37DE3
SHA1: D02CBD827B2A077E2E899708B490D64A7D39C838
Evidence
Source Name Value
file name org.eclipse.equinox.simpleconfigurator.manipulator.source_2.0.0.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.simpleconfigurator.manipulator.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.simpleconfigurator.manipulator;version="2.0.0.v20130327-2119";roots:="."
org.eclipse.equinox.p2.core.source_2.3.0.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.core.source_2.3.0.v20130327-2119.jar
MD5: ABA0F5BE761BCF67C130241743213F6C
SHA1: 76F26014BE11A1B301E06CB2EBE1ED742B92AF19
Evidence
Source Name Value
file name org.eclipse.equinox.p2.core.source_2.3.0.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.core;version="2.3.0.v20130327-2119";roots:="."
jdimodel.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/jdimodel.jar
MD5: 61A1C378C624BDD889D1F9ECDE6FDF33
SHA1: E18AED153C0793AFDFB7C570800EACB7BD60648D
Evidence
Source Name Value
file name jdimodel
jar package debug
jar package eclipse
jar package internal
jar package jdt
org.eclipse.e4.core.di.extensions.source_0.11.100.v20130514-1256.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.core.di.extensions.source_0.11.100.v20130514-1256.jar
MD5: 72238E5616A0D717ECBC6B2468283B85
SHA1: A09C0E5B752F696A2AC33B3179806E083A327C8F
Evidence
Source Name Value
file name org.eclipse.e4.core.di.extensions.source_0.11.100.v20130514-1256
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.core.di.extensions.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.core.di.extensions;version="0.11.100.v20130514-1256";roots:="."
org.eclipse.jdt.apt.pluggable.core_1.0.400.v20120516-0617.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.apt.pluggable.core_1.0.400.v20120516-0617.jar
MD5: AAB92F7E9C47E67F0AE73F2D20497503
SHA1: C9939C00F7E2FD4BC8AA423B677A5266F59531F4
Evidence
Source Name Value
file name 1.0.400.v20120516
file name org.eclipse.jdt.apt.pluggable.core_1.0.400.v20120516-0617
file name org.eclipse.jdt.apt.pluggable.core_1.0.400.v20120516-0617
jar package apt
jar package eclipse
jar package internal
jar package jdt
jar package name apt
jar package name eclipse
jar package name jdt
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment JavaSE-1.6
Manifest bundle-symbolicname org.eclipse.jdt.apt.pluggable.core;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.400.v20120516-0617
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.core.git;path="org.eclipse.jdt.apt.pluggable.core";tag="I20130402-0800";commitId=bc9a11699cfbb4d0ab3f4f2c216c8bcec79f0c3b
Manifest require-bundle org.eclipse.core.runtime,org.eclipse.jdt.apt.core,org.eclipse.jdt.core,org.eclipse.core.resources
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20130327-2119.jar
MD5: 58CD6BFC95D49250B365CE494B031984
SHA1: 5D0146A0E8DD5DA750E1593AA5245A9565EC805D
Evidence
Source Name Value
file name 2.0.0.v20130327
file name org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20130327-2119
file name org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20130327-2119
jar package eclipse
jar package equinox
jar package internal
jar package simpleconfigurator
jar package name eclipse
jar package name equinox
jar package name manipulator
jar package name simpleconfigurator
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.equinox.simpleconfigurator.manipulator;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 2.0.0.v20130327-2119
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.simpleconfigurator.manipulator";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest require-bundle org.eclipse.equinox.common;bundle-version="3.5.0"
Manifest service-component OSGI-INF/configurator.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.http.registry.source_1.1.300.v20130402-1529.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.http.registry.source_1.1.300.v20130402-1529.jar
MD5: FF9BF95D7F1C77D3B892805782E31153
SHA1: 5E4020563A2C3B432E5D169B5C656214C646ADF2
Evidence
Source Name Value
file name org.eclipse.equinox.http.registry.source_1.1.300.v20130402-1529
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.http.registry.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.http.registry;version="1.1.300.v20130402-1529";roots:="."
org.eclipse.osgi.services_3.3.100.v20130513-1956.jar
Description: %osgiServicesDes
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.osgi.services_3.3.100.v20130513-1956.jar
MD5: 7F7D4198812B01CB7C5A26399AF7706F
SHA1: 1D73531FAC5372870373A06193985611B1239F0C
Evidence
Source Name Value
file name 3.3.100.v20130513
file name org.eclipse.osgi.services_3.3.100.v20130513-1956
file name org.eclipse.osgi.services_3.3.100.v20130513-1956
jar package osgi
jar package service
jar package name cm
jar package name http
jar package name io
jar package name osgi
jar package name service
Manifest bundle-docurl http://www.eclipse.org
Manifest Bundle-Name %osgiServices
Manifest bundle-requiredexecutionenvironment OSGi/Minimum-1.2,CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.osgi.services
Manifest Bundle-Vendor %eclipse.org
Manifest Bundle-Version 3.3.100.v20130513-1956
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.framework.git;path="bundles/org.eclipse.osgi.services";tag="I20130513-1600";commitId=4a43819806e41156205f1bea2bd52011f409f242
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.filesystem_1.4.0.v20130514-1240.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.filesystem_1.4.0.v20130514-1240.jar
MD5: 7F664CC54D9BC005C089087C867E6899
SHA1: E26398A301D91DB6516DEBE38664239481D4B309
Evidence
Source Name Value
file name 1.4.0.v20130514
file name org.eclipse.core.filesystem_1.4.0.v20130514-1240
file name org.eclipse.core.filesystem_1.4.0.v20130514-1240
jar package core
jar package eclipse
jar package filesystem
jar package internal
jar package name core
jar package name eclipse
jar package name filesystem
jar package name provider
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.core.filesystem; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.4.0.v20130514-1240
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.resources.git;path="bundles/org.eclipse.core.filesystem";tag="I20130514-0919";commitId=ef7a8a4767026d620627fdc868a22851255aa1b8
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.registry;bundle-version="[3.2.0,4.0.0)",org.eclipse.osgi;bundle-version="[3.2.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.pde.api.tools.source_1.0.500.v20130529-1948.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.api.tools.source_1.0.500.v20130529-1948.jar
MD5: DCC6458D5FE240EA5E4A626006F932A5
SHA1: 172E730E891E95884F6A6240CB1E4134C0573623
Evidence
Source Name Value
file name org.eclipse.pde.api.tools.source_1.0.500.v20130529-1948
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.api.tools.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.api.tools;version="1.0.500.v20130529-1948";roots:="lib/apitooling-antsrc,."
org.eclipse.equinox.p2.transport.ecf.source_1.1.0.v20130516-1858.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.transport.ecf.source_1.1.0.v20130516-1858.jar
MD5: 6487CA7224D76173859B7D1EE8F6172E
SHA1: DF433BF82682DF858CFA24B943E3A8D9DB38585E
Evidence
Source Name Value
file name org.eclipse.equinox.p2.transport.ecf.source_1.1.0.v20130516-1858
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.transport.ecf.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.transport.ecf;version="1.1.0.v20130516-1858";roots:="."
org.eclipse.jdt.apt.ui.source_3.3.300.v20120516-0617.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.apt.ui.source_3.3.300.v20120516-0617.jar
MD5: 0D7DDC5DC6C1763B6E67C7D3AF47DA56
SHA1: 143D2AA125F6AD8EA430FBE65E7D2DAF387A172E
Evidence
Source Name Value
file name org.eclipse.jdt.apt.ui.source_3.3.300.v20120516-0617
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.apt.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.apt.ui;version="3.3.300.v20120516-0617";roots:="."
org.eclipse.e4.ui.css.core_0.10.100.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.css.core_0.10.100.v20130515-1857.jar
MD5: F50DD1CDFB242AB69C42AC1B21257CC4
SHA1: 1E5C23CA11618164B1B1B5ECCC98433EB693C72A
Evidence
Source Name Value
file name 0.10.100.v20130515
file name org.eclipse.e4.ui.css.core_0.10.100.v20130515-1857
file name org.eclipse.e4.ui.css.core_0.10.100.v20130515-1857
jar package css
jar package e4
jar package eclipse
jar package ui
jar package name css
jar package name e4
jar package name eclipse
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.css.core;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 0.10.100.v20130515-1857
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.css.core";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.w3c.css.sac;bundle-version="1.3.0",org.apache.batik.css;bundle-version="[1.6.0,1.7.0)",org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)"
Related Dependencies
org.eclipse.e4.ui.bindings_0.10.100.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.bindings_0.10.100.v20130515-1857.jar
SHA1: 8C9FCBD904CF709E8899D58679F2D7A8199BF2D2
MD5: 319335B64921BC65C58C7BA07A162BCE
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.junit4.runtime_1.1.300.v20130514-0733.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.junit4.runtime_1.1.300.v20130514-0733.jar
MD5: A703F45D891D7A4FE90A6021B2EF8ADC
SHA1: 2A34EFA25D2F9B72613C6F18F5EE166401674B45
Evidence
Source Name Value
file name 1.1.300.v20130514
file name org.eclipse.jdt.junit4.runtime_1.1.300.v20130514-0733
file name org.eclipse.jdt.junit4.runtime_1.1.300.v20130514-0733
jar package eclipse
jar package internal
jar package jdt
jar package junit4
jar package name eclipse
jar package name jdt
jar package name junit4
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.jdt.junit4.runtime;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.300.v20130514-0733
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.ui.git;path="org.eclipse.jdt.junit4.runtime";tag="I20130514-1303";commitId=6684836879074aa2329095fd2a49259bd18e304d
Manifest require-bundle org.junit;bundle-version="4.7.0",org.eclipse.jdt.junit.runtime;bundle-version="[3.4.200,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.pde.api.tools.ui.source_1.0.400.v20130508-1748.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.api.tools.ui.source_1.0.400.v20130508-1748.jar
MD5: 887F787E7DE9A7FC9DFB45B19E294609
SHA1: 26B7FDDF74694056A23273F43FA26EA97E87D4C1
Evidence
Source Name Value
file name org.eclipse.pde.api.tools.ui.source_1.0.400.v20130508-1748
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.api.tools.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.api.tools.ui;version="1.0.400.v20130508-1748";roots:="."
org.eclipse.equinox.p2.metadata.source_2.2.0.v20130523-1557.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.metadata.source_2.2.0.v20130523-1557.jar
MD5: 479ADBF91C0028B753DB61E1BEEAB4BF
SHA1: 122150E94CABE278D36E134029A29C05DBE78610
Evidence
Source Name Value
file name org.eclipse.equinox.p2.metadata.source_2.2.0.v20130523-1557
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.metadata.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.metadata;version="2.2.0.v20130523-1557";roots:="."
org.eclipse.core.databinding.property_1.4.200.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.databinding.property_1.4.200.v20130515-1857.jar
MD5: 267F636902C91F1B91D22729065B26F8
SHA1: 938F0E6F71ECF4795934558257F1140BFC437C80
Evidence
Source Name Value
file name 1.4.200.v20130515
file name org.eclipse.core.databinding.property_1.4.200.v20130515-1857
file name org.eclipse.core.databinding.property_1.4.200.v20130515-1857
jar package core
jar package databinding
jar package eclipse
jar package internal
jar package name core
jar package name databinding
jar package name eclipse
jar package name property
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.core.databinding.property
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.4.200.v20130515-1857
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.core.databinding.property";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.databinding.observable;bundle-version="[1.3.0,2.0.0)"
cpe: cpe:/a:git:git
suppress
cpe: cpe:/a:property_pro:property_pro:1.4.200.v20130515
suppress
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.help.base_4.0.0.v20130605-2000.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.help.base_4.0.0.v20130605-2000.jar
MD5: DBE0780CBA9A8D7FF2C1F64447C44FCF
SHA1: 2545B422ADDF6D1E4F21D3AF241F58B9524D959F
Evidence
Source Name Value
file name org.eclipse.help.base_4.0.0.v20130605-2000
jar package eclipse
jar package help
jar package internal
jar package name apache
jar package name base
jar package name eclipse
jar package name help
jar package name lucene
Manifest Bundle-Name %help_base_plugin_name
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.help.base; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ua.git;path="org.eclipse.help.base";tag="I20130603-2000";commitId=664586f53615478997b7d98a7a6b8c3198c15e4f
Manifest require-bundle org.eclipse.ant.core;bundle-version="3.2.200";resolution:=optional,org.eclipse.core.runtime;bundle-version="3.6.0",org.eclipse.help;bundle-version="[3.5.0,4.0.0)";visibility:=reexport,org.eclipse.core.expressions;bundle-version="[3.4.200,4.0.0)",org.apache.lucene.analysis;bundle-version="[3.5.0,4.0.0)",org.apache.lucene.core;bundle-version="[3.5.0,4.0.0)"
org.eclipse.ui.net_1.2.200.v20120807-0927.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.net_1.2.200.v20120807-0927.jar
MD5: 863C6550C72B485D3621A890FB84EC2E
SHA1: 10C411D71430D425564C8EC310BC86C943A0F948
Evidence
Source Name Value
file name 1.2.200.v20120807
file name org.eclipse.ui.net_1.2.200.v20120807-0927
file name org.eclipse.ui.net_1.2.200.v20120807-0927
jar package eclipse
jar package internal
jar package net
jar package ui
jar package name eclipse
jar package name net
jar package name ui
Manifest Bundle-Name %PLUGIN_NAME
Manifest bundle-requiredexecutionenvironment J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.ui.net; singleton:=true
Manifest Bundle-Vendor %PLUGIN_PROVIDER
Manifest Bundle-Version 1.2.200.v20120807-0927
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.ui.net";tag="I20130402-0800";commitId=79c5562d4c74180311d4b7d7e8f82ffa068e9cb7
Manifest require-bundle org.eclipse.ui;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.net;bundle-version="[1.0.0,2.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.ui.workbench.addons.swt_1.0.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.workbench.addons.swt_1.0.0.v20130515-1857.jar
MD5: 494112D18EFAEAAB9E4593D3086F2D17
SHA1: 7B3E569F2DFD59EF59E099FF4F341291E69A5855
Evidence
Source Name Value
file name org.eclipse.e4.ui.workbench.addons.swt_1.0.0.v20130515-1857
jar package e4
jar package eclipse
jar package ui
jar package workbench
jar package name e4
jar package name eclipse
jar package name ui
jar package name workbench
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.workbench.addons.swt;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.workbench.addons.swt";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.e4.ui.model.workbench;bundle-version="1.0.0",org.eclipse.e4.core.contexts;bundle-version="0.9.0",org.eclipse.e4.core.di;bundle-version="0.9.0",org.eclipse.e4.ui.workbench;bundle-version="0.9.1",org.eclipse.e4.core.services;bundle-version="0.9.1",org.eclipse.osgi.services;bundle-version="[3.2.100,4.0.0)",org.eclipse.e4.ui.workbench.renderers.swt;bundle-version="0.9.1",org.eclipse.e4.ui.widgets;bundle-version="0.11.0",org.eclipse.e4.ui.css.swt;bundle-version="0.9.1",org.eclipse.e4.ui.css.core;bundle-version="0.9.0",org.eclipse.swt;bundle-version="[3.7.0,4.0.0)",org.eclipse.jface;bundle-version="[3.7.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.7.0,4.0.0)",org.eclipse.e4.ui.di;bundle-version="0.10.0",org.eclipse.e4.ui.services;bundle-version="1.0.0",org.eclipse.emf.ecore.xmi;bundle-version="2.7.0"
org.eclipse.equinox.p2.console_1.0.300.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.console_1.0.300.v20130327-2119.jar
MD5: FEC723EB6434143E7B4BE2BD330486DE
SHA1: 91E3737EBD9064D9FBF4FF07FE849DB52063A389
Evidence
Source Name Value
file name 1.0.300.v20130327
file name org.eclipse.equinox.p2.console_1.0.300.v20130327-2119
file name org.eclipse.equinox.p2.console_1.0.300.v20130327-2119
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.console;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.300.v20130327-2119
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.console";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest require-bundle org.eclipse.equinox.common;bundle-version="3.3.0"
Related Dependencies
org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar
SHA1: 0EB78228CB407C0330680AD2D3936C1AB46352B4
MD5: C831B316AA3100FACCB3751A2E46D129
org.eclipse.equinox.p2.director.app_1.0.300.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.director.app_1.0.300.v20130327-2119.jar
SHA1: 9A1FD349A8C890717B333F3CEC8ABA13E7474644
MD5: D4A57E2419C0AAB43D3F9084723B188B
org.eclipse.equinox.p2.directorywatcher_1.0.300.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.directorywatcher_1.0.300.v20130327-2119.jar
SHA1: 419EE4B81577BD65FA063577013D92A68593967D
MD5: E73116C9B246873D433CAFC45A454CC4
org.eclipse.equinox.p2.jarprocessor_1.0.300.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.jarprocessor_1.0.300.v20130327-2119.jar
SHA1: DC58A54C012E0164D44B157E6BCD5B312845F6CE
MD5: 6E2E902567627D904B099788287BAE03
org.eclipse.equinox.security.win32.x86_1.0.300.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.security.win32.x86_1.0.300.v20130327-1442.jar
SHA1: 7637A0806537D674C9E3FCE31DA2316BD4EAE662
MD5: A0C99FB915C7C10323142CE42F317F38
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ui.console_3.5.200.v20130514-0954.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.console_3.5.200.v20130514-0954.jar
MD5: 45F99D76DC2C15AC8D1B563A0DDB6B50
SHA1: 5336A2A5B87B08E9A8398A689C07BB633BE4448E
Evidence
Source Name Value
file name org.eclipse.ui.console_3.5.200.v20130514-0954
jar package console
jar package eclipse
jar package internal
jar package ui
jar package name console
jar package name eclipse
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.console; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.debug.git;path="org.eclipse.ui.console";tag="I20130514-0919";commitId=65020c1280249413d14515f373ca9e359921b478
Manifest require-bundle org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.workbench.texteditor;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.2.0,4.0.0)"
org.eclipse.equinox.p2.updatesite.source_1.0.400.v20130515-2028.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.updatesite.source_1.0.400.v20130515-2028.jar
MD5: A723393EB88262B1B307BB6D3695FE77
SHA1: BDB8B2DF7DC40E6B0DC6B30BADD6F18770E4D166
Evidence
Source Name Value
file name org.eclipse.equinox.p2.updatesite.source_1.0.400.v20130515-2028
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.updatesite.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.updatesite;version="1.0.400.v20130515-2028";roots:="."
org.eclipse.rcp_4.3.0.v20130605-2000.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.rcp_4.3.0.v20130605-2000.jar
MD5: 311D0D55475D63FCE9DD1B7775A8CF2A
SHA1: 3077CACA663AF84F063A7726535ED0752C6CCA46
Evidence
Source Name Value
file name 4.3.0.v20130605
file name org.eclipse.rcp_4.3.0.v20130605-2000
file name org.eclipse.rcp_4.3.0.v20130605-2000
Manifest Bundle-Name %pluginName
Manifest bundle-symbolicname org.eclipse.rcp; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 4.3.0.v20130605-2000
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.releng.git;path="bundles/org.eclipse.rcp";tag="I20130605-2000";commitId=28aff176d9423c92418bbb3b2af41548638d5bb1
Related Dependencies
org.eclipse.platform.doc.user_4.3.0.v20130605-1059.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.platform.doc.user_4.3.0.v20130605-1059.jar
SHA1: 8266E59D99133857C1471D8679D631E24341FA97
MD5: 33A28A0B11F064ABE8851D32AB2DDC93
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.ui.source_3.9.0.v20130605-1748.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.ui.source_3.9.0.v20130605-1748.jar
MD5: 0AE9080AE06F2EC219FD152135727931
SHA1: A6657D93370774369BE44FEE040D5DB675475E05
Evidence
Source Name Value
file name org.eclipse.jdt.ui.source_3.9.0.v20130605-1748
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.ui;version="3.9.0.v20130605-1748";roots:="."
org.eclipse.e4.ui.workbench3_0.12.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.workbench3_0.12.0.v20130515-1857.jar
MD5: 7B95D40A68F2F5985F7C000796A3AC1F
SHA1: 60386B6A0EA37CED96124DE731C81A8638524FF4
Evidence
Source Name Value
file name 0.12.0.v20130515
file name org.eclipse.e4.ui.workbench3_0.12.0.v20130515-1857
file name org.eclipse.e4.ui.workbench3_0.12.0.v20130515-1857
jar package eclipse
jar package testing
jar package ui
jar package name eclipse
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.workbench3;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 0.12.0.v20130515-1857
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.workbench3";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.6.0,4.0.0)",org.eclipse.swt;bundle-version="[3.6.0,4.0.0)",org.eclipse.equinox.registry;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.ui.services_1.0.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.services_1.0.0.v20130515-1857.jar
MD5: C1A7FC12BEDCB8AB99453EAF01856549
SHA1: BF0C0B88CDEEBA202728EE9E7F5E4923868A1693
Evidence
Source Name Value
file name org.eclipse.e4.ui.services_1.0.0.v20130515-1857
jar package e4
jar package eclipse
jar package services
jar package ui
jar package name e4
jar package name eclipse
jar package name services
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.services;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.services";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.core.commands;bundle-version="[3.4.0,4.0.0)",org.eclipse.e4.core.services;bundle-version="0.9.0",org.eclipse.osgi;bundle-version="[3.6.0,4.0.0)",org.eclipse.e4.core.contexts;bundle-version="0.9.0",org.eclipse.e4.core.di;bundle-version="0.9.0",org.eclipse.e4.ui.di;bundle-version="0.9.0"
Manifest service-component OSGI-INF/eventBroker.xml
org.eclipse.ui.workbench.source_3.105.0.v20130529-1406.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.workbench.source_3.105.0.v20130529-1406.jar
MD5: E611200D8C49BF23831CFE87BE818D6C
SHA1: 9F83492B2160FD634C2DE45FB4F54604772209D8
Evidence
Source Name Value
file name org.eclipse.ui.workbench.source_3.105.0.v20130529-1406
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.workbench.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.workbench;version="3.105.0.v20130529-1406";roots:="."
org.eclipse.equinox.p2.ql.source_2.0.100.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.ql.source_2.0.100.v20130327-2119.jar
MD5: 4566B0ED28A80B022728437DBFC48D15
SHA1: BB07B796EB93E7977A5F33560FDA1220C0A33512
Evidence
Source Name Value
file name org.eclipse.equinox.p2.ql.source_2.0.100.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.ql.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.ql;version="2.0.100.v20130327-2119";roots:="."
org.eclipse.equinox.p2.engine.source_2.3.0.v20130526-2122.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.engine.source_2.3.0.v20130526-2122.jar
MD5: 888D773A401C12503BFC14FFF82FA8C2
SHA1: F7826F10E8244792F8FBE3147B02932CDF5E1FC4
Evidence
Source Name Value
file name org.eclipse.equinox.p2.engine.source_2.3.0.v20130526-2122
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.engine.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.engine;version="2.3.0.v20130526-2122";roots:="."
org.eclipse.core.filesystem.source_1.4.0.v20130514-1240.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.filesystem.source_1.4.0.v20130514-1240.jar
MD5: AD99DA503C73BE91098D19E564E8437A
SHA1: 5C4906E38ADDA0A5FB77DA8D4A25AE2F99E83A48
Evidence
Source Name Value
file name org.eclipse.core.filesystem.source_1.4.0.v20130514-1240
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.filesystem.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.filesystem;version="1.4.0.v20130514-1240";roots:="."
org.eclipse.e4.core.contexts.source_1.3.0.v20130514-1256.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.core.contexts.source_1.3.0.v20130514-1256.jar
MD5: EF5989ACB1456EA2755EDB07570F3DBE
SHA1: 7DD85335EA704690D3F092E65960D50686105688
Evidence
Source Name Value
file name org.eclipse.e4.core.contexts.source_1.3.0.v20130514-1256
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.core.contexts.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.core.contexts;version="1.3.0.v20130514-1256";roots:="."
org.eclipse.search_3.9.0.v20130312-1625.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.search_3.9.0.v20130312-1625.jar
MD5: BF3EB92344B450500E42A70F9D72F770
SHA1: EF8D8AB8CB5AF5F3D54815CE6EA91E0D181BC910
Evidence
Source Name Value
file name 3.9.0.v20130312
file name org.eclipse.search_3.9.0.v20130312-1625
file name org.eclipse.search_3.9.0.v20130312-1625
jar package eclipse
jar package internal
jar package search
jar package ui
jar package name core
jar package name eclipse
jar package name search
jar package name text
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.search; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.9.0.v20130312-1625
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.text.git;path="org.eclipse.search";tag="I20130312-2000";commitId=3d4e3dbe167e3b75bf44aab5b252c8b4670a1fca
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.3.0,2.0.0)",org.eclipse.core.filebuffers;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.ide;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.workbench.texteditor;bundle-version="[3.5.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.4.0,4.0.0)",org.eclipse.ltk.core.refactoring;bundle-version="[3.5.0,4.0.0)",org.eclipse.ltk.ui.refactoring;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.ui.forms_3.6.0.v20130517-0139.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.forms_3.6.0.v20130517-0139.jar
MD5: 00C2F62B21B3570A4621405801FF2D4A
SHA1: C1922B083E9EE45AECFA421042C79C3D24FB5542
Evidence
Source Name Value
file name 3.6.0.v20130517
file name org.eclipse.ui.forms_3.6.0.v20130517-0139
file name org.eclipse.ui.forms_3.6.0.v20130517-0139
jar package eclipse
jar package forms
jar package ui
jar package name eclipse
jar package name forms
jar package name ui
Manifest Bundle-Name %name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.forms
Manifest Bundle-Vendor %provider-name
Manifest Bundle-Version 3.6.0.v20130517-0139
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui.forms";tag="I20130516-2200";commitId=f3a281531ddf2aa81af4f270c14c5f18ac7b8729
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.jface;bundle-version="[3.6.0,4.0.0)",org.eclipse.ui;bundle-version="[3.105.0,4.0.0)";resolution:=optional
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.team.cvs.ui.source_3.3.600.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.team.cvs.ui.source_3.3.600.v20130514-1224.jar
MD5: C7379899B86E4DB2C382F6B1672B4405
SHA1: 7AD0D48ECD8158B26EA3BC617E987364D885AE66
Evidence
Source Name Value
file name 3.3.600.v20130514
file name org.eclipse.team.cvs.ui.source_3.3.600.v20130514-1224
file name org.eclipse.team.cvs.ui.source_3.3.600.v20130514-1224
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.team.cvs.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest Bundle-Version 3.3.600.v20130514-1224
Manifest eclipse-sourcebundle org.eclipse.team.cvs.ui;version="3.3.600.v20130514-1224";roots:="."
org.eclipse.jdt.doc.user_3.9.0.v20130604-1813.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.doc.user_3.9.0.v20130604-1813.jar
MD5: 048C28DBA3DFF8379C88898878DD1646
SHA1: 85A85D6F24762C865B2B8F0BEC94158D1AF882A2
Evidence
Source Name Value
file name 3.9.0.v20130604
file name org.eclipse.jdt.doc.user_3.9.0.v20130604-1813
file name org.eclipse.jdt.doc.user_3.9.0.v20130604-1813
Manifest Bundle-Name %pluginName
Manifest bundle-symbolicname org.eclipse.jdt.doc.user; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.9.0.v20130604-1813
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.common.git;path="bundles/org.eclipse.jdt.doc.user";tag="I20130604-2000";commitId=959411b9214e1e309eaf7c5699b653db4970b457
pom artifactid eclipse.jdt.doc.user
pom artifactid eclipse.jdt.doc.user
pom groupid eclipse.jdt
pom groupid eclipse.jdt
pom version 3.9.0-SNAPSHOT
Related Dependencies
org.eclipse.pde.doc.user_3.9.0.v20130604-1813.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.doc.user_3.9.0.v20130604-1813.jar
SHA1: 947E1FFD01608D082764A3AE5D2E0BED9EC6727C
MD5: D454D97236E6FEFC879B68486783A9FE
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.apt.core_3.3.500.v20120516-0617.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.apt.core_3.3.500.v20120516-0617.jar
MD5: 50692AF6AB635470A889EE1ACD598F91
SHA1: 2907018BA2C42749AD8E0734BEE579B685ECDA5B
Evidence
Source Name Value
file name 3.3.500.v20120516
file name org.eclipse.jdt.apt.core_3.3.500.v20120516-0617
file name org.eclipse.jdt.apt.core_3.3.500.v20120516-0617
jar package apt
jar package core
jar package eclipse
jar package jdt
jar package name apt
jar package name core
jar package name eclipse
jar package name jdt
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.jdt.apt.core; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.3.500.v20120516-0617
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.core.git;path="org.eclipse.jdt.apt.core";tag="I20130402-0800";commitId=bc9a11699cfbb4d0ab3f4f2c216c8bcec79f0c3b
Manifest require-bundle org.eclipse.jdt.core;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.5.100,4.0.0)",org.eclipse.core.resources;bundle-version="[3.6.0,4.0.0)",org.apache.ant;bundle-version="1.6.5"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.compiler.apt.source_1.0.600.v20130530-1010.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.compiler.apt.source_1.0.600.v20130530-1010.jar
MD5: 4A9C78BA50AE4F92CA678F37ED6C7E82
SHA1: 5ACA73716710B3819F5DA0A4E1CEC48FC7DA0476
Evidence
Source Name Value
file name org.eclipse.jdt.compiler.apt.source_1.0.600.v20130530-1010
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.compiler.apt.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.compiler.apt;version="1.0.600.v20130530-1010";roots:="."
org.eclipse.core.databinding.beans.source_1.2.200.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.databinding.beans.source_1.2.200.v20130515-1857.jar
MD5: 31D97FCE6F09FCD60B02D761D015585F
SHA1: B43C744EAB7708FD2C00E007E2A2BBC2C73B5822
Evidence
Source Name Value
file name org.eclipse.core.databinding.beans.source_1.2.200.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.databinding.beans.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.databinding.beans;version="1.2.200.v20130515-1857";roots:="."
org.eclipse.equinox.console.source_1.0.100.v20130429-0953.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.console.source_1.0.100.v20130429-0953.jar
MD5: 603DFBF4669F8652DDA4A6D1D5BBEED3
SHA1: 1E3EFDECEA5587A69DBB809AFB4DFB16226532C3
Evidence
Source Name Value
file name org.eclipse.equinox.console.source_1.0.100.v20130429-0953
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.console.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.console;version="1.0.100.v20130429-0953";roots:="."
org.eclipse.equinox.security.ui_1.1.100.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.security.ui_1.1.100.v20130327-1442.jar
MD5: A3ACE142C1CF022C94AA80C7078CB4A5
SHA1: 5D15A20A248B73CEFB8ADB1B2F9D74788C7957AF
Evidence
Source Name Value
file name 1.1.100.v20130327
file name org.eclipse.equinox.security.ui_1.1.100.v20130327-1442
file name org.eclipse.equinox.security.ui_1.1.100.v20130327-1442
jar package eclipse
jar package equinox
jar package internal
jar package security
jar package name eclipse
jar package name equinox
jar package name security
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.equinox.security.ui;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.100.v20130327-1442
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.security.ui";tag="I20130402-0800";commitId=452e0c8dae5a52ad9bb97e073caa16b40c3c1eee
Manifest require-bundle org.eclipse.equinox.security;bundle-version="[1.0.0,2.0.0)",org.eclipse.equinox.preferences;bundle-version="[3.2.200,4.0.0)",org.eclipse.ui;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.runtime; bundle-version="[3.4.0,4.0.0)"
Related Dependencies
org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20130327-2119.jar
SHA1: 2DE6B12D945187504669F23B7935BA34F1C1CE1A
MD5: E28A3AF1E6902E2D957076B84348587F
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.jsp.jasper.source_1.0.400.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.jsp.jasper.source_1.0.400.v20130327-1442.jar
MD5: F1E2042DDF171B2DCB31E2EDCE5383B8
SHA1: 5593FA803025E9BB22EF6521A67FCCDB6528E221
Evidence
Source Name Value
file name org.eclipse.equinox.jsp.jasper.source_1.0.400.v20130327-1442
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.jsp.jasper.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.jsp.jasper;version="1.0.400.v20130327-1442";roots:="."
org.eclipse.equinox.p2.jarprocessor.source_1.0.300.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.jarprocessor.source_1.0.300.v20130327-2119.jar
MD5: 127919551A3BB42E52FE3BF9722EEDD5
SHA1: BD8FAAEEB59052591F57BDF289C159A1686364B6
Evidence
Source Name Value
file name org.eclipse.equinox.p2.jarprocessor.source_1.0.300.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.jarprocessor.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.jarprocessor;version="1.0.300.v20130327-2119";roots:="lib/jarprocessor-antsrc,."
org.eclipse.ui.net.source_1.2.200.v20120807-0927.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.net.source_1.2.200.v20120807-0927.jar
MD5: CDAC313BFB5FD0903710981766E4CB57
SHA1: F921BDEB7C138E4AB885FB1D17EE05B943242D54
Evidence
Source Name Value
file name org.eclipse.ui.net.source_1.2.200.v20120807-0927
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.net.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.net;version="1.2.200.v20120807-0927";roots:="."
org.eclipse.emf.common_2.9.0.v20130528-0742.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.emf.common_2.9.0.v20130528-0742.jar
MD5: 9E642EF8D1E805FF0847788A9DED36E2
SHA1: 2164C22D13D8FE412B89A5FB19D74E0DE48BFA33
Evidence
Source Name Value
file name org.eclipse.emf.common_2.9.0.v20130528-0742
jar package common
jar package eclipse
jar package emf
jar package util
jar package name common
jar package name eclipse
jar package name emf
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.emf.common;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)"
org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar
MD5: 2AF582A210B216C119EB2E3799FF2BFA
SHA1: D1586B497F3625D472D4FBBDCB6C7C3B120EAB0B
Evidence
Source Name Value
file name 0.10.0.v20130327
file name org.eclipse.equinox.bidi_0.10.0.v20130327-1442
file name org.eclipse.equinox.bidi_0.10.0.v20130327-1442
jar package bidi
jar package eclipse
jar package equinox
jar package internal
jar package name bidi
jar package name eclipse
jar package name equinox
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment OSGi/Minimum-1.2
Manifest bundle-symbolicname org.eclipse.equinox.bidi;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 0.10.0.v20130327-1442
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.bidi";tag="I20130402-0800";commitId=452e0c8dae5a52ad9bb97e073caa16b40c3c1eee
Manifest require-bundle org.eclipse.equinox.common;bundle-version="3.6.0",org.eclipse.equinox.registry;bundle-version="3.5.0"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.p2.repository.tools.source_2.1.0.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.repository.tools.source_2.1.0.v20130327-2119.jar
MD5: 9FED0697F541BBC964CC10D53EF2EA0D
SHA1: E56490DB27446EDFEE9373FE891411B55A13A5B3
Evidence
Source Name Value
file name org.eclipse.equinox.p2.repository.tools.source_2.1.0.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.repository.tools.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.repository.tools;version="2.1.0.v20130327-2119";roots:="lib/repository-tools-antsrc,."
org.eclipse.equinox.p2.repository.tools_2.1.0.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.repository.tools_2.1.0.v20130327-2119.jar
MD5: D00823373A22E5DF59728FDB8D89800C
SHA1: 15A5615DB9511A5832205D92C9EE233F68F87D60
Evidence
Source Name Value
file name 2.1.0.v20130327
file name org.eclipse.equinox.p2.repository.tools_2.1.0.v20130327-2119
file name org.eclipse.equinox.p2.repository.tools_2.1.0.v20130327-2119
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
jar package name repository
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.p2.repository.tools;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 2.1.0.v20130327-2119
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.repository.tools";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest require-bundle org.eclipse.equinox.common;bundle-version="3.3.0", org.eclipse.equinox.registry
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20130604-1622.jar
MD5: 90833EC9E793616222D7D8849206BA89
SHA1: B0C2CDB3240C863FA2E50254695CB86AEB5AEB33
Evidence
Source Name Value
file name 1.0.0.v20130604
file name org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20130604-1622
file name org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20130604-1622
jar package ecf
jar package eclipse
jar package internal
jar package provider
jar package name ecf
jar package name eclipse
jar package name provider
Manifest Bundle-Name %plugin.name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ecf.provider.filetransfer.ssl
Manifest Bundle-Vendor %plugin.provider
Manifest Bundle-Version 1.0.0.v20130604-1622
Manifest fragment-host org.eclipse.ecf.provider.filetransfer;bundle-version="2.0.0"
Related Dependencies
org.eclipse.ecf.provider.filetransfer.httpclient4.ssl.source_1.0.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.provider.filetransfer.httpclient4.ssl.source_1.0.0.v20130604-1622.jar
SHA1: 4F8A8695663C87C934AC7EE59A81CA2A683F0488
MD5: 2EFFE0EF186EBA33E693445D9CA1CE72
org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20130604-1622.jar
SHA1: A5FB47A0C394423CEA21D878D8C9F5F959AD3D24
MD5: F808AD3251081C27F881843592527C41
org.eclipse.ecf.provider.filetransfer.ssl.source_1.0.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.provider.filetransfer.ssl.source_1.0.0.v20130604-1622.jar
SHA1: 07DF20A655D6E98DD3734723EBB0901B7A54E6FD
MD5: 9C9C33D2F97594B5B4A033001C338D84
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.ui.externaltools.source_3.2.200.v20130508-2007.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.externaltools.source_3.2.200.v20130508-2007.jar
MD5: FB7CF9EF92BA857EF0C0D54B6E2DC3DB
SHA1: 882B0140F58CD55DA47F47FDFCE0847BD6DE12BF
Evidence
Source Name Value
file name org.eclipse.ui.externaltools.source_3.2.200.v20130508-2007
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.externaltools.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.externaltools;version="3.2.200.v20130508-2007";roots:="."
org.eclipse.core.databinding.observable.source_1.4.1.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.databinding.observable.source_1.4.1.v20130515-1857.jar
MD5: 3AAAF3E32EACBA32A9491255209EE172
SHA1: DCA49A624E578AA4A59D7AE5C4BD3EB31E45525C
Evidence
Source Name Value
file name org.eclipse.core.databinding.observable.source_1.4.1.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.databinding.observable.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.databinding.observable;version="1.4.1.v20130515-1857";roots:="."
org.eclipse.e4.ui.css.swt.theme_0.9.100.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.css.swt.theme_0.9.100.v20130515-1857.jar
MD5: 499820ADA9FC02011CFD8F80E51AE5DA
SHA1: 61B70F1A75302B7E6DE562C3DEEE0338FFC9CD73
Evidence
Source Name Value
file name org.eclipse.e4.ui.css.swt.theme_0.9.100.v20130515-1857
jar package css
jar package e4
jar package eclipse
jar package ui
jar package name css
jar package name e4
jar package name eclipse
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.css.swt.theme;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.css.swt.theme";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.swt;bundle-version="[3.6.0,4.0.0)",org.eclipse.e4.ui.css.swt;bundle-version="0.9.1",org.eclipse.e4.ui.css.core;bundle-version="0.9.0",org.eclipse.equinox.common;bundle-version="[3.6.0,4.0.0)",org.w3c.css.sac;bundle-version="1.3.0",org.eclipse.equinox.registry;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.preferences;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.runtime;bundle-version="3.8.0"
Manifest service-component OSGI-INF/thememanager.xml
org.eclipse.pde.build.source_3.8.100.v20130514-1028.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.build.source_3.8.100.v20130514-1028.jar
MD5: A89804D0D14C8109D8D4EA4DD6F3EB5B
SHA1: 24A77343710018D7A19DBEAC14ED6E849B5F2EAF
Evidence
Source Name Value
file name org.eclipse.pde.build.source_3.8.100.v20130514-1028
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.build.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.build;version="3.8.100.v20130514-1028";roots:="lib/pdebuild-antsrc,pdebuildsrc"
org.eclipse.equinox.security.source_1.2.0.v20130424-1801.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.security.source_1.2.0.v20130424-1801.jar
MD5: A1639A448724B09A0263281C164A1BFB
SHA1: 9698D16601865C1EBF9AE4E14E6AC9B7207DA02D
Evidence
Source Name Value
file name org.eclipse.equinox.security.source_1.2.0.v20130424-1801
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.security.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.security;version="1.2.0.v20130424-1801";roots:="."
org.eclipse.core.commands_3.6.100.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.commands_3.6.100.v20130515-1857.jar
MD5: 7FF6B417A312C8314C982BEC9547C1E2
SHA1: 0BD47A2BD0FF2FD3B115CDA7E0C8050BA0D72547
Evidence
Source Name Value
file name 3.6.100.v20130515
file name org.eclipse.core.commands_3.6.100.v20130515-1857
file name org.eclipse.core.commands_3.6.100.v20130515-1857
jar package commands
jar package core
jar package eclipse
jar package name command
jar package name commands
jar package name common
jar package name core
jar package name eclipse
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.core.commands
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.6.100.v20130515-1857
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.core.commands";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.p2.repository.source_2.3.0.v20130412-2032.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.repository.source_2.3.0.v20130412-2032.jar
MD5: 1A5D0945C0F26B00DA587B5239C5A09C
SHA1: 4B488174493EA46B9A15787F1629BEBC1E261661
Evidence
Source Name Value
file name org.eclipse.equinox.p2.repository.source_2.3.0.v20130412-2032
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.repository.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.repository;version="2.3.0.v20130412-2032";roots:="."
org.eclipse.core.externaltools_1.0.200.v20130402-1741.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.externaltools_1.0.200.v20130402-1741.jar
MD5: 346EE582DFA3B32203C5ACEB1533553E
SHA1: 4A225251DA911B90441F2C67182C8A1E02E5A65C
Evidence
Source Name Value
file name 1.0.200.v20130402
file name org.eclipse.core.externaltools_1.0.200.v20130402-1741
file name org.eclipse.core.externaltools_1.0.200.v20130402-1741
jar package core
jar package eclipse
jar package externaltools
jar package internal
jar package name core
jar package name eclipse
jar package name externaltools
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.core.externaltools;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.200.v20130402-1741
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.debug.git;path="org.eclipse.core.externaltools";tag="I20130403-1027";commitId=272f7e6866abb5267f6c18f2c4c67e8495e62f8b
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.debug.core;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ant.ui.source_3.5.400.v20130514-1341.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ant.ui.source_3.5.400.v20130514-1341.jar
MD5: 96284667FB62C0A1A244861D3BA4099F
SHA1: 861B780F169C737865527546DC23E9761B21D551
Evidence
Source Name Value
file name org.eclipse.ant.ui.source_3.5.400.v20130514-1341
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ant.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ant.ui;version="3.5.400.v20130514-1341";roots:="lib/antrunnersrc,lib/remoteAntsrc,."
org.eclipse.e4.ui.workbench3.source_0.12.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.workbench3.source_0.12.0.v20130515-1857.jar
MD5: 975CCE5CD407DCDFCF4A06458C850F0A
SHA1: 00BECD8BE5B971DD3765585CEFA2C16F64F75FA0
Evidence
Source Name Value
file name org.eclipse.e4.ui.workbench3.source_0.12.0.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.workbench3.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.workbench3;version="0.12.0.v20130515-1857";roots:="."
org.eclipse.equinox.util.source_1.0.500.v20130404-1337.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.util.source_1.0.500.v20130404-1337.jar
MD5: 6E43D86E6FECEDC7D40D9132F9529168
SHA1: 278C8108BC863E72EC0980583B1DE1982E61C99A
Evidence
Source Name Value
file name org.eclipse.equinox.util.source_1.0.500.v20130404-1337
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.util.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.util;version="1.0.500.v20130404-1337";roots:="."
org.eclipse.equinox.p2.ui.importexport_1.1.0.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.ui.importexport_1.1.0.v20130327-2119.jar
MD5: F9CA68BD2293B46887857A3E0F09597F
SHA1: 03BE49708FEFC8D4DFBE05B01577A49F9BAB1682
Evidence
Source Name Value
file name org.eclipse.equinox.p2.ui.importexport_1.1.0.v20130327-2119
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.ui.importexport;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.ui.importexport";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest require-bundle org.eclipse.ui,org.eclipse.core.runtime,org.eclipse.equinox.p2.ui,org.eclipse.equinox.p2.extensionlocation,org.eclipse.equinox.p2.metadata;bundle-version="2.1.0",org.eclipse.ui.forms;bundle-version="3.5.0"
Manifest service-component OSGI-INF/importexport.xml
org.eclipse.core.resources_3.8.100.v20130521-2026.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.resources_3.8.100.v20130521-2026.jar
MD5: 2E3F61F69AFC3C8284728181AE07A409
SHA1: 79233D66362DB1EDBE512D2810178C6143CD19EE
Evidence
Source Name Value
file name 3.8.100.v20130521
file name org.eclipse.core.resources_3.8.100.v20130521-2026
file name org.eclipse.core.resources_3.8.100.v20130521-2026
jar package core
jar package eclipse
jar package internal
jar package resources
jar package name core
jar package name eclipse
jar package name resources
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.core.resources; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.8.100.v20130521-2026
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.resources.git;path="bundles/org.eclipse.core.resources";tag="I20130521-2000";commitId=b7c8b94cc7d9b5d345adbb10342d624f1b905473
Manifest require-bundle org.eclipse.ant.core;bundle-version="[3.1.0,4.0.0)";resolution:=optional,org.eclipse.core.expressions;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.3.0,2.0.0)",org.eclipse.core.runtime;bundle-version="[3.7.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ant.launching_1.0.300.v20130514-1341.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ant.launching_1.0.300.v20130514-1341.jar
MD5: 8768CAD53A8F93BC4F464E3E3AFF2BB4
SHA1: FC3CDB7FB2F9DEC87B42271BCEFBB5313644ED6B
Evidence
Source Name Value
file name org.eclipse.ant.launching_1.0.300.v20130514-1341
jar package ant
jar package eclipse
jar package internal
jar package launching
jar package name ant
jar package name eclipse
jar package name launching
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ant.launching;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.git;path="ant/org.eclipse.ant.launching";tag="I20130514-1303";commitId=132e377fd86df9bb834a781e9da8202fe9563762
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.debug.core;bundle-version="[3.6.0,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.2.0,4.0.0)",org.eclipse.ant.core;bundle-version="[3.2.0,4.0.0)",org.apache.ant;bundle-version="1.7.1",org.eclipse.core.externaltools;bundle-version="[1.0.0,2.0.0)",org.eclipse.text;bundle-version="[3.5.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)"
org.eclipse.core.expressions_3.4.500.v20130515-1343.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.expressions_3.4.500.v20130515-1343.jar
MD5: 20DA519A750933FA70944F49F2CC8FFD
SHA1: 97CC20CCE87AF191FC620562AB74B1CDE95947FD
Evidence
Source Name Value
file name 3.4.500.v20130515
file name org.eclipse.core.expressions_3.4.500.v20130515-1343
file name org.eclipse.core.expressions_3.4.500.v20130515-1343
jar package core
jar package eclipse
jar package expressions
jar package internal
jar package name core
jar package name eclipse
jar package name expression
jar package name expressions
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4,CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.core.expressions; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.4.500.v20130515-1343
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.runtime.git;path="bundles/org.eclipse.core.expressions";tag="I20130515-2000";commitId=eb7e043bad2d7dda6dcf98ac93cf23315c95f07f
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.osgi.services.source_3.3.100.v20130513-1956.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.osgi.services.source_3.3.100.v20130513-1956.jar
MD5: B629470C7B8E66DE6450D96B841662AF
SHA1: 6BF218ECE44065C73A2B28D1403940AB8B448CFB
Evidence
Source Name Value
file name org.eclipse.osgi.services.source_3.3.100.v20130513-1956
jar package name io
jar package name org
jar package name osgi
jar package name service
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.osgi.services.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.osgi.services;version="3.3.100.v20130513-1956";roots:="."
pom artifactid eclipse.osgi.services
pom artifactid eclipse.osgi.services
pom groupid eclipse.osgi
pom groupid eclipse.osgi
org.eclipse.e4.ui.css.swt_0.11.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.css.swt_0.11.0.v20130515-1857.jar
MD5: 05CAD056475D227E20404CBE36175B77
SHA1: FB92083F5EA8BFE0ECDC18B1DA11A2F9FDC0ED6D
Evidence
Source Name Value
file name 0.11.0.v20130515
file name org.eclipse.e4.ui.css.swt_0.11.0.v20130515-1857
file name org.eclipse.e4.ui.css.swt_0.11.0.v20130515-1857
jar package css
jar package e4
jar package eclipse
jar package ui
jar package name css
jar package name e4
jar package name eclipse
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.css.swt;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 0.11.0.v20130515-1857
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.css.swt";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.e4.ui.css.core;bundle-version="0.9.0",org.eclipse.swt;bundle-version="[3.4.1,4.0.0)",org.w3c.css.sac;bundle-version="1.3.0",org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.team.cvs.core_3.3.500.v20130515-2011.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.team.cvs.core_3.3.500.v20130515-2011.jar
MD5: 3A40304780AC4DCCE14EAA0B262D1ACC
SHA1: F24DD1397AD8FFDD1EDC642FCBADC10377E9838A
Evidence
Source Name Value
file name org.eclipse.team.cvs.core_3.3.500.v20130515-2011
jar package ccvs
jar package eclipse
jar package internal
jar package team
jar package name eclipse
jar package name team
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.team.cvs.core; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.team.cvs.core";tag="I20130515-2000";commitId=b750b5d75fb9edaad56809e379c4d6e985167396
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.3.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.1.0,2.0.0)",com.jcraft.jsch;bundle-version="[0.1.27,2.0.0)",org.eclipse.jsch.core;bundle-version="[1.0.0,2.0.0)",org.eclipse.core.net;bundle-version="[1.0.0,2.0.0)",org.eclipse.equinox.security;bundle-version="[1.0.0,2.0.0)"
org.eclipse.pde.api.tools_1.0.500.v20130529-1948.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.api.tools_1.0.500.v20130529-1948.jar
MD5: 3A8BC0020108D6A6A01A9DB44D064636
SHA1: 379F71E82FF7D4B7DDB27B18770A9A937204B112
Evidence
Source Name Value
file name org.eclipse.pde.api.tools_1.0.500.v20130529-1948
jar package api
jar package eclipse
jar package pde
jar package tools
jar package name api
jar package name eclipse
jar package name pde
jar package name tools
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde.api.tools;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="apitools/org.eclipse.pde.api.tools";tag="I20130529-2000";commitId=4c1c40c39bf4ef7f40947f109891be17ba006ffc
Manifest require-bundle org.eclipse.osgi;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.4.0,4.0.0)",org.eclipse.pde.core;bundle-version="[3.3.102,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.8.0,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.6.100,4.0.0)",org.eclipse.core.resources;bundle-version="[3.4.0,4.0.0)",org.eclipse.text;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.filebuffers;bundle-version="[3.4.0,4.0.0)",org.eclipse.ant.core;bundle-version="[3.1.300,4.0.0)",org.objectweb.asm;bundle-version="[3.2.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.2.0,2.0.0)",org.eclipse.equinox.frameworkadmin;bundle-version="[2.0.0,3.0.0)",org.eclipse.core.variables;bundle-version="[3.2.0,4.0.0)"
org.eclipse.equinox.p2.publisher_1.3.0.v20130509-0110.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.publisher_1.3.0.v20130509-0110.jar
MD5: E2B88D541FCA42BEC35E99CEB9DD9864
SHA1: F3246953563CE09BB9D8DBD9F626A327FF581CC0
Evidence
Source Name Value
file name 1.3.0.v20130509
file name org.eclipse.equinox.p2.publisher_1.3.0.v20130509-0110
file name org.eclipse.equinox.p2.publisher_1.3.0.v20130509-0110
jar package eclipse
jar package equinox
jar package p2
jar package publisher
jar package name eclipse
jar package name equinox
jar package name p2
jar package name publisher
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.p2.publisher;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.3.0.v20130509-0110
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.publisher";tag="I20130509-1620";commitId=1172ab99c839dc1d8f67967b0ed060b8bc8614be
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.simpleconfigurator.source_1.0.400.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.simpleconfigurator.source_1.0.400.v20130327-2119.jar
MD5: 180C7C9F37F015E2A8FAAE2C60C5561B
SHA1: 4AA803E68779CD23BB9BFD19441616A08D7D01C3
Evidence
Source Name Value
file name org.eclipse.equinox.simpleconfigurator.source_1.0.400.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.simpleconfigurator.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.simpleconfigurator;version="1.0.400.v20130327-2119";roots:="."
org.eclipse.equinox.p2.extensionlocation.source_1.2.100.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.extensionlocation.source_1.2.100.v20130327-2119.jar
MD5: 3884A55B88A66901A29D33B42F9681E6
SHA1: 9D3C34A3D56383AA190EE156BE9F88CDD9B65C24
Evidence
Source Name Value
file name org.eclipse.equinox.p2.extensionlocation.source_1.2.100.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.extensionlocation.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.extensionlocation;version="1.2.100.v20130327-2119";roots:="."
org.eclipse.ui.navigator.source_3.5.300.v20130517-0139.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.navigator.source_3.5.300.v20130517-0139.jar
MD5: 3EC71284277ABB7F77B13CBE820BDB07
SHA1: 4A64597A53C757BDB7101255E6030092FBAEE36A
Evidence
Source Name Value
file name org.eclipse.ui.navigator.source_3.5.300.v20130517-0139
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.navigator.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.navigator;version="3.5.300.v20130517-0139";roots:="."
org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20130327-2119.jar
MD5: 0232AA2A684F7962B654FD888DFB3F82
SHA1: B291CF50442FE8C3BE290B88DF9E877A4E3E3715
Evidence
Source Name Value
file name 2.1.200.v20130327
file name org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20130327-2119
file name org.eclipse.equinox.p2.touchpoint.eclipse_2.1.200.v20130327-2119
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
jar package name touchpoint
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.p2.touchpoint.eclipse;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 2.1.200.v20130327-2119
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.touchpoint.eclipse";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.pde.ua.ui_1.0.300.v20130508-1926.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ua.ui_1.0.300.v20130508-1926.jar
MD5: 80179B13753A673C3518202113239FF2
SHA1: 7496166CFFBF65D0642178A877678B35A054EE06
Evidence
Source Name Value
file name 1.0.300.v20130508
file name org.eclipse.pde.ua.ui_1.0.300.v20130508-1926
file name org.eclipse.pde.ua.ui_1.0.300.v20130508-1926
jar package eclipse
jar package internal
jar package pde
jar package ua
jar package name eclipse
jar package name pde
jar package name ua
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde.ua.ui;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.300.v20130508-1926
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ua/org.eclipse.pde.ua.ui";tag="I20130508-2000";commitId=29279c122b9a3e86c5fcb3ffbb0e10d755c39821
Manifest require-bundle org.eclipse.ui;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.4.0,4.0.0)",org.eclipse.pde.ui;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.4.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.3.0,4.0.0)",org.eclipse.pde.ua.core;bundle-version="[1.0.0,2.0.0)",org.eclipse.ui.ide;bundle-version="[3.4.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.4.0,4.0.0)",org.eclipse.jdt.ui;bundle-version="[3.4.0,4.0.0)",org.eclipse.ui.cheatsheets;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui.workbench.texteditor;bundle-version="[3.4.0,4.0.0)",org.eclipse.ui.editors;bundle-version="[3.4.0,4.0.0)",org.eclipse.search;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.1.0,2.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.equinox.frameworkadmin.source_2.0.100.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.frameworkadmin.source_2.0.100.v20130327-2119.jar
MD5: F2454287CE52000B42C3E31C85A178EA
SHA1: D86EFD829E7DEB3B58D79FC386A0431BDF41D003
Evidence
Source Name Value
file name org.eclipse.equinox.frameworkadmin.source_2.0.100.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.frameworkadmin.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.frameworkadmin;version="2.0.100.v20130327-2119";roots:="."
org.eclipse.equinox.p2.publisher.source_1.3.0.v20130509-0110.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.publisher.source_1.3.0.v20130509-0110.jar
MD5: 10D94650E648AF210FE58F1753F1DBCC
SHA1: 553145F1D70BCFE7F0067328F44FEC7F1D91D4A1
Evidence
Source Name Value
file name org.eclipse.equinox.p2.publisher.source_1.3.0.v20130509-0110
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.publisher.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.publisher;version="1.3.0.v20130509-0110";roots:="."
org.eclipse.ui.console.source_3.5.200.v20130514-0954.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.console.source_3.5.200.v20130514-0954.jar
MD5: 9ADB1EA812F1C709A7C7E22056E613FA
SHA1: 715763DEB5B11FAC9E386C8B8A842D01216E5601
Evidence
Source Name Value
file name org.eclipse.ui.console.source_3.5.200.v20130514-0954
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.console.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.console;version="3.5.200.v20130514-0954";roots:="."
org.eclipse.equinox.event.source_1.3.0.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.event.source_1.3.0.v20130327-1442.jar
MD5: 078DD01A177E008AE0732BBA2817DD40
SHA1: A51111CCD9ACF8D1CC6A26A7A6CC22DA0C24C755
Evidence
Source Name Value
file name org.eclipse.equinox.event.source_1.3.0.v20130327-1442
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.event.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.event;version="1.3.0.v20130327-1442";roots:="."
org.eclipse.ui.editors_3.8.100.v20130513-1637.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.editors_3.8.100.v20130513-1637.jar
MD5: B86C5B1911041B9D8BB51CA8099D5489
SHA1: 30102EDD5C262587FDE8916519833A098E10E695
Evidence
Source Name Value
file name 3.8.100.v20130513
file name org.eclipse.ui.editors_3.8.100.v20130513-1637
file name org.eclipse.ui.editors_3.8.100.v20130513-1637
jar package eclipse
jar package editors
jar package internal
jar package ui
jar package name eclipse
jar package name editors
jar package name text
jar package name texteditor
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.editors; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.8.100.v20130513-1637
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.text.git;path="org.eclipse.ui.editors";tag="I20130513-1600";commitId=046e273e1084f4c9a62f5ca64578a0ccb5fd0128
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.7.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)",org.eclipse.swt;bundle-version="[3.101.0,4.0.0)",org.eclipse.ui.ide;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.8.0,4.0.0)",org.eclipse.ui.workbench.texteditor;bundle-version="[3.7.0,4.0.0)",org.eclipse.core.filebuffers;visibility:=reexport;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.2.0,2.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.help.webapp_3.6.200.v20130514-1258.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.help.webapp_3.6.200.v20130514-1258.jar
MD5: F109D239BF99E5179C97FAF0E9AB3184
SHA1: 9C473E55FC16E741616640D0F9BED3E6F373B831
Evidence
Source Name Value
file name 3.6.200.v20130514
file name org.eclipse.help.webapp_3.6.200.v20130514-1258
file name org.eclipse.help.webapp_3.6.200.v20130514-1258
jar package eclipse
jar package help
jar package internal
jar package webapp
jar package name eclipse
jar package name help
jar package name webapp
Manifest Bundle-Name %help_webapp_plugin_name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.help.webapp;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.6.200.v20130514-1258
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ua.git;path="org.eclipse.help.webapp";tag="I20130514-0919";commitId=1dbff10ea1bcf7a0992d7cbc2bf1e946ab32c172
Manifest require-bundle org.eclipse.help.base;bundle-version="[4.0.0,5.0.0)",org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.equinox.jsp.jasper.registry;bundle-version="1.0.100",org.eclipse.equinox.http.registry;bundle-version="1.0.200",org.eclipse.core.expressions;bundle-version="3.4.200"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.core.commands_0.10.2.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.core.commands_0.10.2.v20130515-1857.jar
MD5: 5706BDCA42AE3AE0E7CB10BC5DDFCA53
SHA1: 264A83E61D396E20D545DD39EF45AE71AE2BB8FE
Evidence
Source Name Value
file name 0.10.2.v20130515
file name org.eclipse.e4.core.commands_0.10.2.v20130515-1857
file name org.eclipse.e4.core.commands_0.10.2.v20130515-1857
jar package commands
jar package core
jar package e4
jar package eclipse
jar package name commands
jar package name core
jar package name e4
jar package name eclipse
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.core.commands;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 0.10.2.v20130515-1857
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.core.commands";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.6.0,4.0.0)",org.eclipse.e4.core.di;bundle-version="0.9.0"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.doc.isv_3.9.0.v20130530-1553.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.doc.isv_3.9.0.v20130530-1553.jar
MD5: 893043A41A1B3F4BB436AA825236BB8B
SHA1: D898F4F0EB6D19550AA95CA778BF693476B5ED84
Evidence
Source Name Value
file name 3.9.0.v20130530
file name org.eclipse.jdt.doc.isv_3.9.0.v20130530-1553
file name org.eclipse.jdt.doc.isv_3.9.0.v20130530-1553
Manifest Bundle-Name %pluginName
Manifest bundle-symbolicname org.eclipse.jdt.doc.isv; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.9.0.v20130530-1553
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.common.git;path="bundles/org.eclipse.jdt.doc.isv";tag="I20130530-1430";commitId=f7b5c9441d6336c15b7f9ea59f747082c0063232
pom artifactid eclipse.jdt.doc.isv
pom artifactid eclipse.jdt.doc.isv
pom groupid eclipse.jdt
pom groupid eclipse.jdt
pom version 3.9.0-SNAPSHOT
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.update.configurator_3.3.200.v20130326-1319.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.update.configurator_3.3.200.v20130326-1319.jar
MD5: 6AF0B597AD8AB9B35422F6170E31B594
SHA1: 4375455F2F0BD4F014E79758BBB3D4B7340E2943
Evidence
Source Name Value
file name 3.3.200.v20130326
file name org.eclipse.update.configurator_3.3.200.v20130326-1319
file name org.eclipse.update.configurator_3.3.200.v20130326-1319
jar package configurator
jar package eclipse
jar package internal
jar package update
jar package name configurator
jar package name eclipse
jar package name update
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4,CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.update.configurator; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.3.200.v20130326-1319
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.git;path="update/org.eclipse.update.configurator";tag="I20130402-0800";commitId=f5be8ebe7978849e935351f672dd5c9b50515889
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.osgi;bundle-version="[3.2.0,4.0.0)"
Manifest service-component OSGI-INF/bundleGroup.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ant.core.source_3.2.500.v20130402-1746.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ant.core.source_3.2.500.v20130402-1746.jar
MD5: 6AB71B1B5B4515567DD50F91B583E0AC
SHA1: 6F017F0514E4DD68F969B585F10C6C35ECE859A5
Evidence
Source Name Value
file name org.eclipse.ant.core.source_3.2.500.v20130402-1746
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ant.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ant.core;version="3.2.500.v20130402-1746";roots:="lib/antsupportlibsrc,."
org.eclipse.jface_3.9.0.v20130521-1714.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jface_3.9.0.v20130521-1714.jar
MD5: 63C68E37FA694B4C11768DD4AC3C169E
SHA1: C5EF60E55BE6B4233DA4D9CFD33621120336F1D4
Evidence
Source Name Value
file name 3.9.0.v20130521
file name org.eclipse.jface_3.9.0.v20130521-1714
file name org.eclipse.jface_3.9.0.v20130521-1714
jar package eclipse
jar package jface
jar package name commands
jar package name eclipse
jar package name jface
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.jface
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.9.0.v20130521-1714
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.jface";tag="I20130521-2000";commitId=cfef1333d97264bdbc8aa3279ee9dc13a9e1ea09
Manifest require-bundle org.eclipse.swt;bundle-version="[3.6.0,4.0.0)";visibility:=reexport,org.eclipse.core.commands;bundle-version="[3.4.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.common;bundle-version="[3.3.0,4.0.0)",org.eclipse.equinox.bidi;bundle-version="[0.10.0,2.0.0)";resolution:=optional
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jetty.io_8.1.10.v20130312.jar
Description: Administrative parent pom for Jetty modules
License:
http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.io_8.1.10.v20130312.jar
MD5: 24BE0FE7D14C6520EBD386C31BEBDEFA
SHA1: 4D45A71871B9CB25689A0EB53981291B2FFBC264
Evidence
Source Name Value
file name 8.1.10.v20130312
file name org.eclipse.jetty.io_8.1.10.v20130312
file name org.eclipse.jetty.io_8.1.10.v20130312
jar package name eclipse
jar package name io
jar package name jetty
Manifest bundle-copyright Copyright (c) 2008-2012 Mort Bay Consulting Pty. Ltd.
Manifest bundle-docurl http://www.eclipse.org/jetty
Manifest Bundle-Name Jetty :: IO Utility
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.jetty.io
Manifest Bundle-Vendor Eclipse Jetty Project
Manifest Bundle-Version 8.1.10.v20130312
Manifest Implementation-Vendor Eclipse.org - Jetty
Manifest Implementation-Version 8.1.10.v20130312
Manifest url http://www.eclipse.org/jetty
pom artifactid jetty-io
pom artifactid jetty-io
pom name Jetty :: IO Utility
Related Dependencies
org.eclipse.jetty.continuation_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.continuation_8.1.10.v20130312.jar
SHA1: 72D8F5DDF9D2425506E9A6A820A0EE6FAA042835
MD5: 559CEA4978BB28495CE4A4A10896DC67
org.eclipse.jetty.http_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.http_8.1.10.v20130312.jar
SHA1: 7D0AEE73AB1F55E63FDF625B789E159B4B599DE0
MD5: C1661ED507F6166098EA72362D21EE20
org.eclipse.jetty.security_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.security_8.1.10.v20130312.jar
SHA1: 9BF4F3A58DD59E3AFBFE8E8DDA148150E7496967
MD5: E1BA6FB8D1641252C400F787DBB8C082
org.eclipse.jetty.server_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.server_8.1.10.v20130312.jar
SHA1: 1F496A4684A450E0DC709E213398B11B8EFD3F7E
MD5: E1F49287828F2A5F70FE90E13AE5092C
org.eclipse.jetty.servlet_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.servlet_8.1.10.v20130312.jar
SHA1: FDA0DF0E189289D9F2A0CF4047BD657CB9825242
MD5: A63B8CDA9531671180FF0079EC0C36AF
org.eclipse.jetty.util_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.util_8.1.10.v20130312.jar
SHA1: 645A982BCC22E9B09AB6E5CDC0FA638F0940D9A5
MD5: 4A76767C41BDEA815658C5F53D0DDAEE
cpe: cpe:/a:jetty:jetty:8.1.10.v20130312
suppress
cpe: cpe:/a:mortbay:jetty:8.1.10.v20130312
suppress
cpe: cpe:/a:mortbay_jetty:jetty:8.1.10.v20130312
suppress
org.eclipse.core.variables.source_3.2.700.v20130402-1741.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.variables.source_3.2.700.v20130402-1741.jar
MD5: E1994ED6F07C5C8A1A74C84546ED2C72
SHA1: 2DA1A48F9E5AEAE94A22D33901A2F9C60BEBC669
Evidence
Source Name Value
file name org.eclipse.core.variables.source_3.2.700.v20130402-1741
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.variables.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.variables;version="3.2.700.v20130402-1741";roots:="."
org.eclipse.core.net.win32.x86_1.0.100.v20100505-1614.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.net.win32.x86_1.0.100.v20100505-1614.jar
MD5: 36112912F16AEEA38BED2782F9D3644D
SHA1: DD38429583EEBEBA469FC530522463464E2B5C27
Evidence
Source Name Value
file name 1.0.100.v20100505
file name org.eclipse.core.net.win32.x86_1.0.100.v20100505-1614
file name org.eclipse.core.net.win32.x86_1.0.100.v20100505-1614
jar package core
jar package eclipse
jar package net
jar package proxyprovider
jar package name core
jar package name eclipse
jar package name net
Manifest Bundle-Name %fragmentName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.core.net.win32.x86;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.100.v20100505-1614
Manifest eclipse-platformfilter (& (osgi.os=win32) (osgi.arch=x86))
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.core.net/fragments/org.eclipse.core.net.win32.x86";tag="I20130402-0800";commitId=79c5562d4c74180311d4b7d7e8f82ffa068e9cb7
Manifest fragment-host org.eclipse.core.net;bundle-version="1.1.0"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.emf.ecore.xmi_2.9.0.v20130528-0742.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.emf.ecore.xmi_2.9.0.v20130528-0742.jar
MD5: A126D6175D47E0955987911BFB5B2951
SHA1: 24F0795F80F570014E2ED876E19FDE84290AE179
Evidence
Source Name Value
file name org.eclipse.emf.ecore.xmi_2.9.0.v20130528-0742
jar package eclipse
jar package ecore
jar package emf
jar package xmi
jar package name eclipse
jar package name ecore
jar package name emf
jar package name xmi
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.emf.ecore.xmi; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.emf.ecore;visibility:="reexport";bundle-version="[2.9.0,3.0.0)"
org.eclipse.equinox.p2.touchpoint.natives.source_1.1.100.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.touchpoint.natives.source_1.1.100.v20130327-2119.jar
MD5: B0CA632285CC6798787C5464978451DC
SHA1: 75EA4026C96BD32227C7F9274C82EDC7A7763B23
Evidence
Source Name Value
file name org.eclipse.equinox.p2.touchpoint.natives.source_1.1.100.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.touchpoint.natives.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.touchpoint.natives;version="1.1.100.v20130327-2119";roots:="."
org.eclipse.jdt.launching.source_3.7.0.v20130515-1451.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.launching.source_3.7.0.v20130515-1451.jar
MD5: 37AA0B73C3276B8808F2EB8CE1942BD5
SHA1: 8812243F61558F9264CFBF439880DC14A700F663
Evidence
Source Name Value
file name org.eclipse.jdt.launching.source_3.7.0.v20130515-1451
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.launching.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.launching;version="3.7.0.v20130515-1451";roots:="."
org.eclipse.equinox.security_1.2.0.v20130424-1801.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.security_1.2.0.v20130424-1801.jar
MD5: EAA5924D74E52AD1C0DAC8CE640A3736
SHA1: 8EB0B902A2365AA984C982119FB977AE3164141D
Evidence
Source Name Value
file name 1.2.0.v20130424
file name org.eclipse.equinox.security_1.2.0.v20130424-1801
file name org.eclipse.equinox.security_1.2.0.v20130424-1801
jar package eclipse
jar package equinox
jar package internal
jar package security
jar package name eclipse
jar package name equinox
jar package name security
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.equinox.security;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.2.0.v20130424-1801
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.security";tag="I20130426-1008";commitId=be623943f73f5988a2b045b707f141f67e294770
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.p2.publisher.eclipse.source_1.1.200.v20130516-1953.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.publisher.eclipse.source_1.1.200.v20130516-1953.jar
MD5: D8C8621033766D155DB45BB10DDB0EF1
SHA1: C061E3CD481DA42E93389F427E64E69C54CFF73A
Evidence
Source Name Value
file name org.eclipse.equinox.p2.publisher.eclipse.source_1.1.200.v20130516-1953
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.publisher.eclipse.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.publisher.eclipse;version="1.1.200.v20130516-1953";roots:=".,ant_tasks/pdepublishing-antsrc"
org.eclipse.core.runtime.compatibility.source_3.2.200.v20130326-1255.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.runtime.compatibility.source_3.2.200.v20130326-1255.jar
MD5: BDCE05D906943437B43C3B7B8DDA5137
SHA1: D4D377F7D7D326EA8E3D5E23B9541FD01084758F
Evidence
Source Name Value
file name org.eclipse.core.runtime.compatibility.source_3.2.200.v20130326-1255
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.runtime.compatibility.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.runtime.compatibility;version="3.2.200.v20130326-1255";roots:="."
org.eclipse.equinox.p2.reconciler.dropins.source_1.1.200.v20130419-1850.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.reconciler.dropins.source_1.1.200.v20130419-1850.jar
MD5: DEF23F364C28407D32D7EF3A46B16E3A
SHA1: 345B8B0DF7E2FA2CA8D2A7D1B3A2E48458C7F8E8
Evidence
Source Name Value
file name org.eclipse.equinox.p2.reconciler.dropins.source_1.1.200.v20130419-1850
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.reconciler.dropins.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.reconciler.dropins;version="1.1.200.v20130419-1850";roots:="."
org.eclipse.equinox.security.ui.source_1.1.100.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.security.ui.source_1.1.100.v20130327-1442.jar
MD5: 1D774A75DF956574F50AE93C412DF505
SHA1: 854C14AA55D8BE04561206610846E345A3BDA94E
Evidence
Source Name Value
file name org.eclipse.equinox.security.ui.source_1.1.100.v20130327-1442
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.security.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.security.ui;version="1.1.100.v20130327-1442";roots:="."
org.eclipse.ui.cheatsheets_3.4.200.v20130326-1254.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.cheatsheets_3.4.200.v20130326-1254.jar
MD5: 890D6C600705F05254F475AA2EC5761F
SHA1: AF575BECD00337A8D7F454550C2F05C3BBCB5C7D
Evidence
Source Name Value
file name org.eclipse.ui.cheatsheets_3.4.200.v20130326-1254
jar package cheatsheets
jar package eclipse
jar package internal
jar package ui
jar package name cheatsheets
jar package name eclipse
jar package name ui
Manifest Bundle-Name %PLUGIN_NAME
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.cheatsheets; singleton:=true
Manifest Bundle-Vendor %PROVIDER_NAME
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ua.git;path="org.eclipse.ui.cheatsheets";tag="I20130402-0800";commitId=4069ea9718102db6d035e7939ac9586e73fbbcef
Manifest require-bundle org.eclipse.ui;bundle-version="[3.6.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.5.0,4.0.0)",org.eclipse.help;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.help.base;bundle-version="[4.0.0,5.0.0)";resolution:=optional,org.eclipse.help.ui;bundle-version="[4.0.0,5.0.0)";resolution:=optional,org.eclipse.core.expressions;bundle-version="3.4.200"
org.eclipse.e4.core.services.source_1.1.0.v20130515-1343.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.core.services.source_1.1.0.v20130515-1343.jar
MD5: D5C00B607FC01CB49CE3123DFC521061
SHA1: 03059B3C603377F53CCD75EE6EBF4578E03D4F0C
Evidence
Source Name Value
file name org.eclipse.e4.core.services.source_1.1.0.v20130515-1343
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.core.services.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.core.services;version="1.1.0.v20130515-1343";roots:="."
org.eclipse.equinox.p2.repository_2.3.0.v20130412-2032.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.repository_2.3.0.v20130412-2032.jar
MD5: 32DB9063C906F8B9CA5D57D72CB167E7
SHA1: 51DEFD139E43E3976807994E88005A2F2A615D35
Evidence
Source Name Value
file name 2.3.0.v20130412
file name org.eclipse.equinox.p2.repository_2.3.0.v20130412-2032
file name org.eclipse.equinox.p2.repository_2.3.0.v20130412-2032
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
jar package name repository
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.repository;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 2.3.0.v20130412-2032
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.repository";tag="I20130412-1908";commitId=a6167da69e88b22dc13248c6a6d4efd8ee7371eb
Manifest require-bundle org.eclipse.equinox.common,org.eclipse.equinox.registry;bundle-version="3.3.0"
Manifest service-component OSGI-INF/cacheManager.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ui.browser_3.4.100.v20130527-1656.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.browser_3.4.100.v20130527-1656.jar
MD5: 3EB83BF43C524BDFB6351A3D0F93E032
SHA1: AF2ABDEF3E24761CBD56D9C698CCBD27CCFEC46C
Evidence
Source Name Value
file name 3.4.100.v20130527
file name org.eclipse.ui.browser_3.4.100.v20130527-1656
file name org.eclipse.ui.browser_3.4.100.v20130527-1656
jar package browser
jar package eclipse
jar package internal
jar package ui
jar package name browser
jar package name eclipse
jar package name ui
Manifest Bundle-Name %Plugin.name
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.ui.browser; singleton:=true
Manifest Bundle-Vendor %Plugin.providerName
Manifest Bundle-Version 3.4.100.v20130527-1656
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui.browser";tag="I20130527-2000";commitId=db65ac9e76b22adb1f53a41d8fb0d50cb5f0ad42
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.ui;bundle-version="[3.6.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.runtime.compatibility.registry.source_3.5.200.v20130514-1256.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.runtime.compatibility.registry.source_3.5.200.v20130514-1256.jar
MD5: 6E9DE81441164B09F27C457F07A9B720
SHA1: 593FE9538A43BFEB8A8F53A3E0D1A23F57233E87
Evidence
Source Name Value
file name org.eclipse.core.runtime.compatibility.registry.source_3.5.200.v20130514-1256
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.runtime.compatibility.registry.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.runtime.compatibility.registry;version="3.5.200.v20130514-1256";roots:="runtime_registry_compatibilitysrc"
org.eclipse.ltk.core.refactoring_3.6.100.v20130605-1748.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ltk.core.refactoring_3.6.100.v20130605-1748.jar
MD5: 5387F8517B4EF2128F4EF7AFC4669DCA
SHA1: 8371DE54928BFCD93CC29A263B278EF076FDAEDE
Evidence
Source Name Value
file name org.eclipse.ltk.core.refactoring_3.6.100.v20130605-1748
jar package core
jar package eclipse
jar package ltk
jar package refactoring
jar package name core
jar package name eclipse
jar package name ltk
jar package name refactoring
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ltk.core.refactoring; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.ui.git;path="org.eclipse.ltk.core.refactoring";tag="I20130605-2000";commitId=b1685b025876ed72aedfc8c7af59129b19055e7d
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.100,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.2.0,2.0.0)",org.eclipse.core.filebuffers;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.commands;bundle-version="[3.5.0,4.0.0)",org.eclipse.text;bundle-version="[3.5.0,4.0.0)"
org.eclipse.help.source_3.6.0.v20130326-1254.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.help.source_3.6.0.v20130326-1254.jar
MD5: BB36289D0FE4A0A86615E7331C8F603E
SHA1: 501A2241DE470EFB476B3E67C47E4906C948EE89
Evidence
Source Name Value
file name org.eclipse.help.source_3.6.0.v20130326-1254
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.help.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.help;version="3.6.0.v20130326-1254";roots:="."
org.eclipse.debug.ui_3.9.0.v20130516-1713.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.debug.ui_3.9.0.v20130516-1713.jar
MD5: AF305897C5F347ED4037FB4FD0962B3A
SHA1: B0D5F2FD9ED4F01327446A23682F1EA0595AF7CA
Evidence
Source Name Value
file name 3.9.0.v20130516
file name org.eclipse.debug.ui_3.9.0.v20130516-1713
file name org.eclipse.debug.ui_3.9.0.v20130516-1713
jar package debug
jar package eclipse
jar package internal
jar package ui
jar package name console
jar package name debug
jar package name eclipse
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.debug.ui; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.9.0.v20130516-1713
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.debug.git;path="org.eclipse.debug.ui";tag="I20130516-1600";commitId=37b4c72b389e73c8dba177a00eb2419f13c13ca5
Manifest require-bundle org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.console;bundle-version="[3.4.0,4.0.0)",org.eclipse.help;bundle-version="[3.4.0,4.0.0)",org.eclipse.debug.core;bundle-version="[3.7.0,4.0.0)";visibility:=reexport,org.eclipse.jface.text;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.workbench.texteditor;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.ide;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.editors;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.2.0,2.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.team.core.source_3.7.0.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.team.core.source_3.7.0.v20130514-1224.jar
MD5: F334B12EF9FD0F2BE7A319D82D1E883C
SHA1: 60F40589AF8066464DCE6EE3E1C9883DB803BF9D
Evidence
Source Name Value
file name org.eclipse.team.core.source_3.7.0.v20130514-1224
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.team.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.team.core;version="3.7.0.v20130514-1224";roots:="."
org.eclipse.equinox.http.servlet_1.1.400.v20130418-1354.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.http.servlet_1.1.400.v20130418-1354.jar
MD5: B65ADF6EA3585B89A7C4B1274739D840
SHA1: BF56A18599940E02E2C98C9F775656E1FC11FE9E
Evidence
Source Name Value
file name 1.1.400.v20130418
file name org.eclipse.equinox.http.servlet_1.1.400.v20130418-1354
file name org.eclipse.equinox.http.servlet_1.1.400.v20130418-1354
jar package eclipse
jar package equinox
jar package http
jar package servlet
jar package name eclipse
jar package name equinox
jar package name http
jar package name servlet
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.equinox.http.servlet
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.400.v20130418-1354
Manifest comment-header 3.2
Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.http.servlet";tag="I20130423-0017";commitId=71052352bef98535eade8308c490acbc4b2d21df
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jsch.ui.source_1.1.400.v20111007-1310.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jsch.ui.source_1.1.400.v20111007-1310.jar
MD5: 66164F0B151E35B000F5DD572D53899D
SHA1: 872271A9291A44AD3CB7370BAEAF42250E713506
Evidence
Source Name Value
file name org.eclipse.jsch.ui.source_1.1.400.v20111007-1310
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jsch.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jsch.ui;version="1.1.400.v20111007-1310";roots:="."
org.eclipse.debug.core_3.8.0.v20130514-0954.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.debug.core_3.8.0.v20130514-0954.jar
MD5: 37EE5D28A10E23BBA1900E5014EDB01F
SHA1: A49750D5842E2BA1963F396DD88AD28710AE1340
Evidence
Source Name Value
file name 3.8.0.v20130514
file name org.eclipse.debug.core_3.8.0.v20130514-0954
file name org.eclipse.debug.core_3.8.0.v20130514-0954
jar package core
jar package debug
jar package eclipse
jar package name core
jar package name debug
jar package name eclipse
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.debug.core; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.8.0.v20130514-0954
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.debug.git;path="org.eclipse.debug.core";tag="I20130514-0919";commitId=65020c1280249413d14515f373ca9e359921b478
Manifest require-bundle org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)";visibility:=reexport,org.eclipse.core.variables;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.2.0,2.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.app_1.3.100.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.app_1.3.100.v20130327-1442.jar
MD5: 2F4D4CC26C71BD7383FD9B7762ED57AE
SHA1: CFE0DEAB8C3C4F4CAEA3767BC8BBAA4789B8F782
Evidence
Source Name Value
file name org.eclipse.equinox.app_1.3.100.v20130327-1442
jar package app
jar package eclipse
jar package equinox
jar package internal
jar package name app
jar package name eclipse
jar package name equinox
jar package name osgi
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment OSGi/Minimum-1.2,CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.equinox.app; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest comment-dynamicimport this is only used to allow late binding of the package
Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.app";tag="I20130402-0800";commitId=452e0c8dae5a52ad9bb97e073caa16b40c3c1eee
Manifest require-bundle org.eclipse.equinox.registry;bundle-version="[3.4.0,4.0.0)",org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)"
org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.http.registry_1.1.300.v20130402-1529.jar
MD5: 51256C5AFD1942C4EB77E836AD23ECEC
SHA1: 336E86688646A92C8D05A865670AB2730DC51592
Evidence
Source Name Value
file name 1.1.300.v20130402
file name org.eclipse.equinox.http.registry_1.1.300.v20130402-1529
file name org.eclipse.equinox.http.registry_1.1.300.v20130402-1529
jar package eclipse
jar package equinox
jar package http
jar package registry
jar package name eclipse
jar package name equinox
jar package name http
jar package name registry
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.equinox.http.registry;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.300.v20130402-1529
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.http.registry";tag="I20130409-0800";commitId=c36ff638c1be8c4e54e60786a058469aff8cd957
Manifest require-bundle org.eclipse.equinox.common,org.eclipse.equinox.registry
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.text_3.5.300.v20130515-1451.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.text_3.5.300.v20130515-1451.jar
MD5: 915EE0F7A3644A3DE64BEF04FF5CF815
SHA1: 5B741F85BCB0A7B96BDB8B2C3D1A7900FA729765
Evidence
Source Name Value
file name 3.5.300.v20130515
file name org.eclipse.text_3.5.300.v20130515-1451
file name org.eclipse.text_3.5.300.v20130515-1451
jar package eclipse
jar package jface
jar package text
jar package name eclipse
jar package name text
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.text
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.5.300.v20130515-1451
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.text.git;path="org.eclipse.text";tag="I20130515-2000";commitId=ceddeb903a32bd3eacd05343555a66f96420275f
Manifest require-bundle org.eclipse.core.commands;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.junit_3.7.200.v20130514-0733.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.junit_3.7.200.v20130514-0733.jar
MD5: 553DCA42FD107958D2ABDC6B6B94794F
SHA1: 47FDD0B91A6FE8D17B9CA81BABAB81286DE0AFF3
Evidence
Source Name Value
file name 3.7.200.v20130514
file name org.eclipse.jdt.junit_3.7.200.v20130514-0733
file name org.eclipse.jdt.junit_3.7.200.v20130514-0733
jar package eclipse
jar package internal
jar package jdt
jar package junit
jar package name eclipse
jar package name jdt
jar package name junit
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.jdt.junit;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.7.200.v20130514-0733
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.ui.git;path="org.eclipse.jdt.junit";tag="I20130514-1303";commitId=6684836879074aa2329095fd2a49259bd18e304d
Manifest require-bundle org.eclipse.ui.ide;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.views;bundle-version="[3.3.100,4.0.0)",org.eclipse.jface.text;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.workbench.texteditor;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.editors;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.100,4.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)",org.eclipse.debug.core;bundle-version="[3.5.0,4.0.0)",org.eclipse.debug.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.5.0,4.0.0)",org.eclipse.jdt.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.7.0,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.5.0,4.0.0)",org.eclipse.jdt.debug.ui;bundle-version="[3.3.0,4.0.0)",org.eclipse.jdt.junit.runtime;bundle-version="[3.4.100,4.0.0)",org.eclipse.compare;bundle-version="[3.5.0,4.0.0)",org.eclipse.ltk.core.refactoring;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.2.200,4.0.0)",org.eclipse.ltk.ui.refactoring;bundle-version="[3.5.0,4.0.0)",org.eclipse.jdt.junit.core;bundle-version="[3.6.0,4.0.0)";visibility:=reexport,com.ibm.icu;bundle-version="4.4.2"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.ui.workbench.texteditor.source_3.8.100.v20130514-1533.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.workbench.texteditor.source_3.8.100.v20130514-1533.jar
MD5: 419A404D82D141BB49CD0B2A1099B2F2
SHA1: 42C294EC6F3F95B5052677540771018AEB8750CE
Evidence
Source Name Value
file name org.eclipse.ui.workbench.texteditor.source_3.8.100.v20130514-1533
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.workbench.texteditor.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.workbench.texteditor;version="3.8.100.v20130514-1533";roots:="."
org.eclipse.jdt.debug.source_3.8.0.v20130514-0841.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.debug.source_3.8.0.v20130514-0841.jar
MD5: 2709DEE9A685BE4416D19855A0988AFD
SHA1: DC4A5225550D330780968DFBC32568CDD3B7A60A
Evidence
Source Name Value
file name org.eclipse.jdt.debug.source_3.8.0.v20130514-0841
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.debug.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.debug;version="3.8.0.v20130514-0841";roots:="jdisrc,jdimodelsrc"
org.eclipse.ui.intro_3.4.200.v20130326-1254.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.intro_3.4.200.v20130326-1254.jar
MD5: 3DD95C6C154428C452342A22CD2FB139
SHA1: 08D0D5F13F4C2E6E5F3BF28FEBF7C3CC6E764EC6
Evidence
Source Name Value
file name org.eclipse.ui.intro_3.4.200.v20130326-1254
jar package eclipse
jar package internal
jar package intro
jar package ui
jar package name eclipse
jar package name intro
jar package name ui
Manifest Bundle-Name %plugin_name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.intro; singleton:=true
Manifest Bundle-Vendor %provider_name
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ua.git;path="org.eclipse.ui.intro";tag="I20130402-0800";commitId=4069ea9718102db6d035e7939ac9586e73fbbcef
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.help;bundle-version="[3.5.0,4.0.0)",org.eclipse.help.base;bundle-version="[4.0.0,5.0.0)";resolution:=optional,org.eclipse.ui;bundle-version="[3.6.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.expressions;bundle-version="3.4.200"
org.eclipse.jdt.debug.ui.source_3.6.200.v20130514-0841.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.debug.ui.source_3.6.200.v20130514-0841.jar
MD5: 9AD9A8ED4DA7B1C8E3BA12CE892A0D05
SHA1: 3E450B37B4E5D522B1C251977683C447F279C89F
Evidence
Source Name Value
file name org.eclipse.jdt.debug.ui.source_3.6.200.v20130514-0841
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.debug.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.debug.ui;version="3.6.200.v20130514-0841";roots:="snippetsupportsrc,."
org.eclipse.ant.ui_3.5.400.v20130514-1341.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ant.ui_3.5.400.v20130514-1341.jar
MD5: 83835AE0359C314F68258C7BED37E050
SHA1: 2C6B06EAB3D323CA9491845DFB42425AD4F3C5A5
Evidence
Source Name Value
file name 3.5.400.v20130514
file name org.eclipse.ant.ui_3.5.400.v20130514-1341
file name org.eclipse.ant.ui_3.5.400.v20130514-1341
jar package ant
jar package eclipse
jar package internal
jar package ui
jar package name ant
jar package name eclipse
jar package name launching
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ant.ui; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.5.400.v20130514-1341
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.git;path="ant/org.eclipse.ant.ui";tag="I20130514-1303";commitId=132e377fd86df9bb834a781e9da8202fe9563762
Manifest require-bundle org.eclipse.ui.ide;bundle-version="[3.2.0,4.0.0)";resolution:=optional,org.eclipse.ui.views;bundle-version="[3.2.0,4.0.0)";resolution:=optional,org.eclipse.jface.text;bundle-version="[3.5.0,4.0.0)";resolution:=optional,org.eclipse.ui.workbench.texteditor;bundle-version="[3.5.0,4.0.0)";resolution:=optional,org.eclipse.ui.editors;bundle-version="[3.2.0,4.0.0)";resolution:=optional,org.apache.ant;bundle-version="1.8.4",org.eclipse.ant.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.0.0,2.0.0)",org.eclipse.core.resources;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.1.0,4.0.0)",org.eclipse.ui.externaltools;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui.console;bundle-version="[3.1.0,4.0.0)",org.eclipse.debug.core;bundle-version="[3.6.0,4.0.0)",org.eclipse.debug.ui;bundle-version="[3.6.0,4.0.0)",org.eclipse.jdt.ui;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.debug.ui;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.7.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.ltk.core.refactoring;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.junit;bundle-version="[3.5.0,4.0.0)",org.eclipse.ant.launching;bundle-version="[1.0.0,2.0.0)",org.eclipse.core.externaltools;bundle-version="[1.0.0,2.0.0)"
Related Dependencies
org.eclipse.compare_3.5.400.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.compare_3.5.400.v20130514-1224.jar
SHA1: C29E2600476B2B4203C475C9EB136807B80E926D
MD5: 4FBBB277BC0E2ED5D14264401AAB60ED
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.ui.views.source_3.6.100.v20130326-1250.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.views.source_3.6.100.v20130326-1250.jar
MD5: ED0EFAC7B4C816A1741F08F3E5AECCC4
SHA1: DC27982B948F4419637E3E76895D03DB02D6675E
Evidence
Source Name Value
file name org.eclipse.ui.views.source_3.6.100.v20130326-1250
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.views.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.views;version="3.6.100.v20130326-1250";roots:="."
org.eclipse.pde.core_3.9.0.v20130515-1659.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.core_3.9.0.v20130515-1659.jar
MD5: 7D0FE9E12348B845CC3A556F926548FF
SHA1: 6D46B6361F671D9C29AC3A360EE02CC79F78FEED
Evidence
Source Name Value
file name org.eclipse.pde.core_3.9.0.v20130515-1659
jar package core
jar package eclipse
jar package internal
jar package pde
jar package name build
jar package name core
jar package name eclipse
jar package name pde
Manifest Bundle-Name %name
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.pde.core; singleton:=true
Manifest Bundle-Vendor %provider-name
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ui/org.eclipse.pde.core";tag="I20130515-2000";commitId=b5c7f8cc76983f4bf3167f59dcd49bb1aada94fc
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.1.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.update.configurator;bundle-version="[3.1.0,4.0.0)",org.eclipse.text;bundle-version="[3.1.0,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.filebuffers;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.1.0,4.0.0)",org.eclipse.pde.build;bundle-version="[3.2.0,4.1.0)",org.eclipse.ant.core;bundle-version="[3.1.0,4.0.0)",org.eclipse.equinox.simpleconfigurator.manipulator;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.frameworkadmin;bundle-version="[2.0.0,3.0.0)",org.eclipse.debug.core;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.p2.engine;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.core;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.metadata;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.director;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.artifact.repository;bundle-version="[1.0.100,2.0.0)",org.eclipse.equinox.p2.repository;bundle-version="[2.0.0,3.0.0]",org.eclipse.equinox.p2.repository.tools;bundle-version="[2.0.100,3.0.0)",org.eclipse.equinox.p2.metadata.repository;bundle-version="[1.0.100,2.0.0)",org.eclipse.equinox.p2.garbagecollector;bundle-version="[1.0.100,2.0.0)",org.eclipse.equinox.p2.touchpoint.eclipse;bundle-version="[2.0.0,3.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.0.0,2.0.0)"
org.eclipse.help.ui_4.0.0.v20130515-1955.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.help.ui_4.0.0.v20130515-1955.jar
MD5: A02C1196D547B14F8FE5BADCCF63582D
SHA1: AD1FBCD34F42913B4A26D48854C47209CC259AC3
Evidence
Source Name Value
file name org.eclipse.help.ui_4.0.0.v20130515-1955
jar package eclipse
jar package help
jar package internal
jar package ui
jar package name eclipse
jar package name help
jar package name ui
Manifest Bundle-Name %help_system_plugin_name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.help.ui; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ua.git;path="org.eclipse.help.ui";tag="I20130515-2000";commitId=65eb714589164c08280dd44b63c71bdfdf68cbbf
Manifest require-bundle org.eclipse.help.base;bundle-version="[4.0.0,5.0.0)";visibility:=reexport,org.eclipse.ui;bundle-version="[3.6.0,4.0.0)";visibility:=reexport,org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)";visibility:=reexport,org.eclipse.ui.forms;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.expressions;bundle-version="3.4.200"
org.eclipse.e4.core.di_1.3.0.v20130514-1256.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.core.di_1.3.0.v20130514-1256.jar
MD5: CB4FF1F1B67239DD7207D0F47E31759D
SHA1: 2C7881C69D19466CA4D2360F96975ADD7FCF8D59
Evidence
Source Name Value
file name 1.3.0.v20130514
file name org.eclipse.e4.core.di_1.3.0.v20130514-1256
file name org.eclipse.e4.core.di_1.3.0.v20130514-1256
jar package core
jar package e4
jar package eclipse
jar package internal
jar package name core
jar package name di
jar package name e4
jar package name eclipse
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.core.di
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.3.0.v20130514-1256
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.runtime.git;path="bundles/org.eclipse.e4.core.di";tag="I20130514-0919";commitId=3b16e56dc8b78989ebfd42f61ea59ca67c994a67
Manifest require-bundle org.eclipse.osgi;bundle-version="3.6.0";resolution:=optional
Related Dependencies
org.eclipse.e4.core.contexts_1.3.0.v20130514-1256.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.core.contexts_1.3.0.v20130514-1256.jar
SHA1: EE8CA475B1C7D8910352B85BA99981ECCA583DD8
MD5: 31702E3CAD032C2D59677CBBCA1EB8E1
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.core.services_1.1.0.v20130515-1343.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.core.services_1.1.0.v20130515-1343.jar
MD5: 8D8E146BA18382E51E224E64F0FA6067
SHA1: 56A6DF081F8ECB7304498FA504E5109C6FD9EB8A
Evidence
Source Name Value
file name 1.1.0.v20130515
file name org.eclipse.e4.core.services_1.1.0.v20130515-1343
file name org.eclipse.e4.core.services_1.1.0.v20130515-1343
jar package core
jar package e4
jar package eclipse
jar package services
jar package name core
jar package name e4
jar package name eclipse
jar package name services
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.core.services;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.0.v20130515-1343
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.runtime.git;path="bundles/org.eclipse.e4.core.services";tag="I20130515-2000";commitId=eb7e043bad2d7dda6dcf98ac93cf23315c95f07f
Manifest require-bundle org.eclipse.equinox.common;bundle-version="3.4.0",org.eclipse.equinox.preferences;bundle-version="3.3.0",org.eclipse.core.jobs;bundle-version="3.5.0",org.eclipse.e4.core.di,org.eclipse.e4.core.contexts
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.p2.console.source_1.0.300.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.console.source_1.0.300.v20130327-2119.jar
MD5: D125D7BA8E58DB61DA00BDE7573F7793
SHA1: CBDBCE51F65D704099D1F6039E97754CCD569B7F
Evidence
Source Name Value
file name org.eclipse.equinox.p2.console.source_1.0.300.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.console.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.console;version="1.0.300.v20130327-2119";roots:="."
org.eclipse.help.webapp.source_3.6.200.v20130514-1258.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.help.webapp.source_3.6.200.v20130514-1258.jar
MD5: B0122DE35AC6FDAF731EEBF8EE12FB5F
SHA1: 7BFC7A375DEC914C8AEFDC0CEA2E259DB4127500
Evidence
Source Name Value
file name org.eclipse.help.webapp.source_3.6.200.v20130514-1258
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.help.webapp.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.help.webapp;version="3.6.200.v20130514-1258";roots:="."
org.eclipse.equinox.p2.operations_2.3.0.v20130603-1809.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.operations_2.3.0.v20130603-1809.jar
MD5: 77B1C4FF9C1160082B57D36E46522DC6
SHA1: 3A2D48B6CC974D9E0F44799195CB2725960F6539
Evidence
Source Name Value
file name 2.3.0.v20130603
file name org.eclipse.equinox.p2.operations_2.3.0.v20130603-1809
file name org.eclipse.equinox.p2.operations_2.3.0.v20130603-1809
jar package eclipse
jar package equinox
jar package operations
jar package p2
jar package name eclipse
jar package name equinox
jar package name operations
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.p2.operations;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 2.3.0.v20130603-1809
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.operations";tag="I20130603-2000";commitId=812405020815af6aeed18c0a0ef600cb9eb0955e
Manifest require-bundle org.eclipse.equinox.common;bundle-version="3.6.0",org.eclipse.core.jobs;bundle-version="3.5.0"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.platform.doc.isv_4.3.0.v20130606-0003.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.platform.doc.isv_4.3.0.v20130606-0003.jar
MD5: 019B6F4E87698403352D1DEE9D8CAC89
SHA1: 10B90C35DD30BADC8B03BDBDD4323AD6001EF385
Evidence
Source Name Value
file name 4.3.0.v20130606
file name org.eclipse.platform.doc.isv_4.3.0.v20130606-0003
file name org.eclipse.platform.doc.isv_4.3.0.v20130606-0003
Manifest Bundle-Name %pluginName
Manifest bundle-symbolicname org.eclipse.platform.doc.isv; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 4.3.0.v20130606-0003
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.common.git;path="bundles/org.eclipse.platform.doc.isv";tag="I20130605-2000";commitId=4cd40cedd7c8f1a3635af9bb18bd9298ec2d9852
Manifest require-bundle org.eclipse.help;bundle-version="[3.2.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.security.win32.x86.source_1.0.300.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.security.win32.x86.source_1.0.300.v20130327-1442.jar
MD5: 8A3800060820DFFAE23E2292A2330F96
SHA1: 1BAF8B7B3B31BD709647767A1FCFCBB8A4FABFE3
Evidence
Source Name Value
file name org.eclipse.equinox.security.win32.x86.source_1.0.300.v20130327-1442
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.security.win32.x86.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.security.win32.x86;version="1.0.300.v20130327-1442";roots:="."
org.eclipse.core.filebuffers_3.5.300.v20130225-1821.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.filebuffers_3.5.300.v20130225-1821.jar
MD5: F71910D1C9437D03E5224A92A29E2BD9
SHA1: CEA7E6C98148088DF805B77ED28FE958056AEF10
Evidence
Source Name Value
file name 3.5.300.v20130225
file name org.eclipse.core.filebuffers_3.5.300.v20130225-1821
file name org.eclipse.core.filebuffers_3.5.300.v20130225-1821
jar package core
jar package eclipse
jar package filebuffers
jar package internal
jar package name core
jar package name eclipse
jar package name filebuffers
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.core.filebuffers; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.5.300.v20130225-1821
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.text.git;path="org.eclipse.core.filebuffers";tag="I20130312-2000";commitId=3d4e3dbe167e3b75bf44aab5b252c8b4670a1fca
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.7.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)";resolution:=optional,org.eclipse.text;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.2.0,2.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ui.win32_3.2.400.v20130516-1056.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.win32_3.2.400.v20130516-1056.jar
MD5: 28141B35B41AE916403F09D02CD93E56
SHA1: 2F5CDA597C6C371B42BCAD1543BBEB263EB43C47
Evidence
Source Name Value
file name 3.2.400.v20130516
file name org.eclipse.ui.win32_3.2.400.v20130516-1056
file name org.eclipse.ui.win32_3.2.400.v20130516-1056
jar package eclipse
jar package editorsupport
jar package internal
jar package ui
jar package name eclipse
jar package name ui
Manifest bundle-localization fragment-win32
Manifest Bundle-Name %fragmentName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.win32
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.2.400.v20130516-1056
Manifest eclipse-platformfilter (osgi.ws=win32)
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui.win32";tag="I20130516-2200";commitId=f3a281531ddf2aa81af4f270c14c5f18ac7b8729
Manifest fragment-host org.eclipse.ui.ide;bundle-version="[3.2.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.swt_3.102.0.v20130605-1539.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.swt_3.102.0.v20130605-1539.jar
MD5: 2CF163C73D3477F33EF547D26AAFBF7D
SHA1: CADAD969622AA3A952EE0B7FF8640FA6EA61E33E
Evidence
Source Name Value
file name 3.102.0.v20130605
file name org.eclipse.swt_3.102.0.v20130605-1539
file name org.eclipse.swt_3.102.0.v20130605-1539
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.swt; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.102.0.v20130605-1539
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.swt.git;path="bundles/org.eclipse.swt";tag="I20130605-2000";commitId=b05ed3b2410bf9880ea77e7dcf0101adc35a621a
Related Dependencies
org.eclipse.swt.win32.win32.x86_3.102.0.v20130605-1544.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.swt.win32.win32.x86_3.102.0.v20130605-1544.jar
SHA1: 53141FA77D0FB093DE3D47F0B57566F3642C0F26
MD5: A902F20E2BEB830EE6F6BC207E888181
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.databinding.beans_1.2.200.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.databinding.beans_1.2.200.v20130515-1857.jar
MD5: 40CC6B68DF5AF82328BAFB4E4A10B93D
SHA1: 616F1EE488EE8CF2D7C2C582845DC093A7E21F83
Evidence
Source Name Value
file name 1.2.200.v20130515
file name org.eclipse.core.databinding.beans_1.2.200.v20130515-1857
file name org.eclipse.core.databinding.beans_1.2.200.v20130515-1857
jar package core
jar package databinding
jar package eclipse
jar package internal
jar package name beans
jar package name core
jar package name databinding
jar package name eclipse
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.core.databinding.beans
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.2.200.v20130515-1857
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.core.databinding.beans";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.databinding.observable;bundle-version="[1.2.0,2.0.0)",org.eclipse.core.databinding.property;bundle-version="[1.3.0,2.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.osgi.util_3.2.300.v20130513-1956.jar
Description: %osgiUtilDes
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.osgi.util_3.2.300.v20130513-1956.jar
MD5: 641173819AD07A3D0B4D1511B8804198
SHA1: 575E3739CDA13C2EECF344D9CB4EF6BD8A4D7956
Evidence
Source Name Value
file name 3.2.300.v20130513
file name org.eclipse.osgi.util_3.2.300.v20130513-1956
file name org.eclipse.osgi.util_3.2.300.v20130513-1956
jar package measurement
jar package osgi
jar package util
jar package name osgi
jar package name util
Manifest bundle-docurl http://www.eclipse.org
Manifest Bundle-Name %osgiUtil
Manifest bundle-requiredexecutionenvironment OSGi/Minimum-1.2,CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.osgi.util
Manifest Bundle-Vendor %eclipse.org
Manifest Bundle-Version 3.2.300.v20130513-1956
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.framework.git;path="bundles/org.eclipse.osgi.util";tag="I20130513-1600";commitId=4a43819806e41156205f1bea2bd52011f409f242
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.expressions.source_3.4.500.v20130515-1343.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.expressions.source_3.4.500.v20130515-1343.jar
MD5: 86646A73427CD8D168F326765856A5DF
SHA1: F1804097266B918345FF69A9315748F2E78FB374
Evidence
Source Name Value
file name org.eclipse.core.expressions.source_3.4.500.v20130515-1343
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.expressions.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.expressions;version="3.4.500.v20130515-1343";roots:="."
org.eclipse.ui.views.properties.tabbed.source_3.6.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.views.properties.tabbed.source_3.6.0.v20130515-1857.jar
MD5: BB4B64B5E6BCD3212C516D527898752D
SHA1: F5BD5CB237524C6C5909F1CBE7AA9FE2700D3B00
Evidence
Source Name Value
file name org.eclipse.ui.views.properties.tabbed.source_3.6.0.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.views.properties.tabbed.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.views.properties.tabbed;version="3.6.0.v20130515-1857";roots:="."
org.eclipse.pde.ui.templates.source_3.4.600.v20130507-2057.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ui.templates.source_3.4.600.v20130507-2057.jar
MD5: B8BDFDDC1C543FB6D4CE0E6524608EBA
SHA1: 079BD8A32BF93B245989898D362475E054483252
Evidence
Source Name Value
file name org.eclipse.pde.ui.templates.source_3.4.600.v20130507-2057
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.ui.templates.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.ui.templates;version="3.4.600.v20130507-2057";roots:="."
org.eclipse.jsch.core_1.1.400.v20111202-1616.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jsch.core_1.1.400.v20111202-1616.jar
MD5: 0F5B79C126A672EBC2D7D5C6D78D2B84
SHA1: F5811E75AF5CF18E6C5AA7BF270D9E269863E7DB
Evidence
Source Name Value
file name 1.1.400.v20111202
file name org.eclipse.jsch.core_1.1.400.v20111202-1616
file name org.eclipse.jsch.core_1.1.400.v20111202-1616
jar package core
jar package eclipse
jar package internal
jar package jsch
jar package name core
jar package name eclipse
jar package name jsch
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.jsch.core;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.400.v20111202-1616
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.jsch.core";tag="I20130402-0800";commitId=79c5562d4c74180311d4b7d7e8f82ffa068e9cb7
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)",com.jcraft.jsch;bundle-version="[0.1.28,1.0.0)",org.eclipse.core.net;bundle-version="[1.0.0,2.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.core.di.extensions_0.11.100.v20130514-1256.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.core.di.extensions_0.11.100.v20130514-1256.jar
MD5: 7C74D56A0AC5127FFEBB9D8FA36249F2
SHA1: 9FF208BFB6BDE93F54EB20F1ECBAB8201BE28677
Evidence
Source Name Value
file name 0.11.100.v20130514
file name org.eclipse.e4.core.di.extensions_0.11.100.v20130514-1256
file name org.eclipse.e4.core.di.extensions_0.11.100.v20130514-1256
jar package core
jar package di
jar package e4
jar package eclipse
jar package name core
jar package name di
jar package name e4
jar package name eclipse
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.core.di.extensions;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 0.11.100.v20130514-1256
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.runtime.git;path="bundles/org.eclipse.e4.core.di.extensions";tag="I20130514-0919";commitId=3b16e56dc8b78989ebfd42f61ea59ca67c994a67
Manifest require-bundle org.eclipse.osgi;bundle-version="3.6.0",org.eclipse.equinox.preferences;bundle-version="3.3.0",org.eclipse.e4.core.di;bundle-version="0.9.0",org.eclipse.osgi.services;bundle-version="3.2.100"
Manifest service-component OSGI-INF/preferences.xml, OSGI-INF/events.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.team.core_3.7.0.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.team.core_3.7.0.v20130514-1224.jar
MD5: 3953273662B8E4F640392F4D28AD69F4
SHA1: C6A8D965F360486800D78393661DBBA8A77BFECF
Evidence
Source Name Value
file name 3.7.0.v20130514
file name org.eclipse.team.core_3.7.0.v20130514-1224
file name org.eclipse.team.core_3.7.0.v20130514-1224
jar package core
jar package eclipse
jar package team
jar package name core
jar package name eclipse
jar package name team
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.team.core; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.7.0.v20130514-1224
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.team.core";tag="I20130514-0919";commitId=a293d95118c40d93026a747f8d9bd4e609352a91
Manifest require-bundle org.eclipse.core.resources;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.1.0,2.0.0)",org.eclipse.compare.core;bundle-version="[3.5.200,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.pde.ui_3.8.0.v20130515-1659.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ui_3.8.0.v20130515-1659.jar
MD5: BC22000B3D8D82662B541646251F84E8
SHA1: 3437DEB7876FDC571C3566CAAA68CC2403EE3453
Evidence
Source Name Value
file name 3.8.0.v20130515
file name org.eclipse.pde.ui_3.8.0.v20130515-1659
file name org.eclipse.pde.ui_3.8.0.v20130515-1659
jar package eclipse
jar package internal
jar package pde
jar package ui
jar package name eclipse
jar package name pde
jar package name ui
Manifest Bundle-Name %name
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.pde.ui; singleton:=true
Manifest Bundle-Vendor %provider-name
Manifest Bundle-Version 3.8.0.v20130515-1659
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ui/org.eclipse.pde.ui";tag="I20130515-2000";commitId=b5c7f8cc76983f4bf3167f59dcd49bb1aada94fc
Manifest require-bundle org.eclipse.pde.core;bundle-version="[3.6.0,4.0.0)";visibility:=reexport,org.eclipse.core.runtime;bundle-version="[3.1.0,4.0.0)",org.eclipse.ui.ide;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui.views;bundle-version="[3.2.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.7.0,4.0.0)",org.eclipse.ui.workbench.texteditor;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.editors;bundle-version="[3.2.0,4.0.0)",org.eclipse.debug.ui;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.debug.ui;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.2.0,4.0.0)",org.eclipse.jdt.ui;bundle-version="[3.2.0,4.0.0)",org.eclipse.pde.build;bundle-version="[3.2.0,4.0.0)",org.eclipse.search;bundle-version="[3.7.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.2.0,4.0.0)",org.eclipse.ant.ui;bundle-version="[3.1.0,4.0.0)",org.eclipse.jdt.junit;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui.intro;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui.cheatsheets;bundle-version="[3.2.0,4.0.0)",org.eclipse.update.configurator;bundle-version="[3.1.0,4.0.0)",org.eclipse.ui.views.log;bundle-version="[1.0.0,2.0.0)",org.eclipse.ltk.core.refactoring;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.variables;bundle-version="[3.1.0,4.0.0)",org.eclipse.compare;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.0.0,2.0.0)",org.eclipse.ltk.ui.refactoring;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui.navigator.resources;bundle-version="[3.3.100,4.0.0)",org.eclipse.equinox.p2.ui;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.metadata;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.engine;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.core;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.director;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.artifact.repository;bundle-version="[1.0.100,2.0.0)",org.eclipse.equinox.p2.metadata.repository;bundle-version="[1.0.100,2.0.0)",org.eclipse.equinox.p2.operations;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.repository;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.frameworkadmin;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.frameworkadmin.equinox;bundle-version="[1.0.100,2.0.0)",org.eclipse.pde.launching;bundle-version="[3.6.0,4.0.0)";visibility:=reexport,org.eclipse.ui.console;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.simpleconfigurator;bundle-version="[1.0.200,2.0.0)",org.eclipse.equinox.p2.repository.tools;bundle-version="[2.0.100,3.0.0)",org.eclipse.team.ui;bundle-version="[3.6.100,4.0.0)",org.eclipse.help;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)",org.eclipse.debug.core;bundle-version="[3.6.0,4.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.equinox.util_1.0.500.v20130404-1337.jar
Description: The Equinox Util Bundle contains services to facilitate bundle developers in their programming, and to lighten resource usage at runtime.
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.util_1.0.500.v20130404-1337.jar
MD5: 6A9E3D6C5910F184167E939BEB053163
SHA1: FFEDD440831050FCE73A848A14104028759FF9FB
Evidence
Source Name Value
file name 1.0.500.v20130404
file name org.eclipse.equinox.util_1.0.500.v20130404-1337
file name org.eclipse.equinox.util_1.0.500.v20130404-1337
jar package eclipse
jar package equinox
jar package internal
jar package util
jar package name eclipse
jar package name equinox
jar package name util
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment OSGi/Minimum-1.1
Manifest bundle-symbolicname org.eclipse.equinox.util
Manifest Bundle-Vendor %bundleVendor
Manifest Bundle-Version 1.0.500.v20130404-1337
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.util";tag="I20130409-0800";commitId=c36ff638c1be8c4e54e60786a058469aff8cd957
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.bidi.source_0.10.0.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.bidi.source_0.10.0.v20130327-1442.jar
MD5: E1F84EC37071564B179EEAA0715E1001
SHA1: 2DBBDC9B5687D079A17595D001576F6E14397FA5
Evidence
Source Name Value
file name org.eclipse.equinox.bidi.source_0.10.0.v20130327-1442
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.bidi.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.bidi;version="0.10.0.v20130327-1442";roots:="."
org.eclipse.equinox.p2.garbagecollector.source_1.0.200.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.garbagecollector.source_1.0.200.v20130327-2119.jar
MD5: 5C0D013294FD4C9827897E621D931598
SHA1: D7B63EE9628A3AA814C250C2FB39B07DB3DF2200
Evidence
Source Name Value
file name org.eclipse.equinox.p2.garbagecollector.source_1.0.200.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.garbagecollector.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.garbagecollector;version="1.0.200.v20130327-2119";roots:="."
org.eclipse.pde.ds.ui_1.0.300.v20130507-2057.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ds.ui_1.0.300.v20130507-2057.jar
MD5: 80CAE027A58E72123846438E819EA92A
SHA1: D099C399183C7CEA7C4F441B860BE6B84E399639
Evidence
Source Name Value
file name 1.0.300.v20130507
file name org.eclipse.pde.ds.ui_1.0.300.v20130507-2057
file name org.eclipse.pde.ds.ui_1.0.300.v20130507-2057
jar package ds
jar package eclipse
jar package internal
jar package pde
jar package name ds
jar package name eclipse
jar package name pde
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde.ds.ui;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.300.v20130507-2057
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ds/org.eclipse.pde.ds.ui";tag="I20130507-2000";commitId=9b82b38e0508b07a1f5d2040840571306060b9a6
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui.ide;bundle-version="[3.3.0,4.0.0)",org.eclipse.pde.ds.core;bundle-version="[1.0.0,2.0.0)",org.eclipse.pde.ui;bundle-version="[3.3.0,4.0.0)",org.eclipse.search;bundle-version="[3.3.0,4.0.0)",org.eclipse.text;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui.editors;bundle-version="[3.3.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.3.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.3.0,4.0.0)",org.eclipse.jdt.ui;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.1.0,2.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.equinox.http.jetty_3.0.100.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.http.jetty_3.0.100.v20130327-1442.jar
MD5: C95B6A49DAE503595E97CF2B809F6F7B
SHA1: 7420D66569231381412A202B05EDD0D9EE449A33
Evidence
Source Name Value
file name 3.0.100.v20130327
file name org.eclipse.equinox.http.jetty_3.0.100.v20130327-1442
file name org.eclipse.equinox.http.jetty_3.0.100.v20130327-1442
jar package eclipse
jar package equinox
jar package http
jar package jetty
jar package name eclipse
jar package name equinox
jar package name http
jar package name jetty
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.http.jetty
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.0.100.v20130327-1442
Manifest comment-header 3.2
Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.http.jetty8";tag="I20130402-0800";commitId=452e0c8dae5a52ad9bb97e073caa16b40c3c1eee
cpe: cpe:/a:git:git
suppress
cpe: cpe:/a:jetty:jetty:3.0.100.v20130327
suppress
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.launching_3.7.0.v20130515-1451.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.launching_3.7.0.v20130515-1451.jar
MD5: 2FA25F8878BECCC3821B5D722463B455
SHA1: 546480F9321121A0BD2B42677D22462058FA354D
Evidence
Source Name Value
file name org.eclipse.jdt.launching_3.7.0.v20130515-1451
jar package eclipse
jar package internal
jar package jdt
jar package launching
jar package name eclipse
jar package name jdt
jar package name launching
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.jdt.launching; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.debug.git;path="org.eclipse.jdt.launching";tag="I20130515-2000";commitId=bd7f17000a40d641f1bed44f9fd786c1f00931c4
Manifest require-bundle org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.8.0,4.0.0)",org.eclipse.debug.core;bundle-version="[3.8.0,4.0.0)",org.eclipse.jdt.debug;bundle-version="[3.7.100,4.0.0)",org.eclipse.core.variables;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.osgi;bundle-version="[3.8.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)"
org.eclipse.jface.databinding.source_1.6.200.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jface.databinding.source_1.6.200.v20130515-1857.jar
MD5: DFA647F0E9ABFC175CFDEF6327F00A14
SHA1: D238F288ED06686B4916424D17468196D445333E
Evidence
Source Name Value
file name org.eclipse.jface.databinding.source_1.6.200.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jface.databinding.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jface.databinding;version="1.6.200.v20130515-1857";roots:="."
org.eclipse.debug.ui.source_3.9.0.v20130516-1713.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.debug.ui.source_3.9.0.v20130516-1713.jar
MD5: 79BE4EAEF13E6168BE7367738A6FCB4D
SHA1: 3641438FB2EBC3EBDFE20AC1CBAF6845015D6342
Evidence
Source Name Value
file name org.eclipse.debug.ui.source_3.9.0.v20130516-1713
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.debug.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.debug.ui;version="3.9.0.v20130516-1713";roots:="."
org.eclipse.equinox.p2.transport.ecf_1.1.0.v20130516-1858.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.transport.ecf_1.1.0.v20130516-1858.jar
MD5: D94AF1A7F51D066C3B0C141E74D92CA6
SHA1: 24CA16ADD0C344301BD140193D6377CE637514C1
Evidence
Source Name Value
file name 1.1.0.v20130516
file name org.eclipse.equinox.p2.transport.ecf_1.1.0.v20130516-1858
file name org.eclipse.equinox.p2.transport.ecf_1.1.0.v20130516-1858
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.equinox.p2.transport.ecf
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.0.v20130516-1858
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.transport.ecf";tag="I20130516-1600";commitId=6632465a3e69d810e75a13e41a6000a3bcd41234
Manifest require-bundle org.eclipse.ecf;bundle-version="3.1.0",org.eclipse.ecf.filetransfer;bundle-version="4.0.0",org.eclipse.ecf.provider.filetransfer;bundle-version="3.1.0",org.eclipse.equinox.p2.core;bundle-version="2.0.100",org.eclipse.equinox.p2.repository;bundle-version="2.1.0",org.eclipse.equinox.common;bundle-version="3.6.0",org.eclipse.core.jobs;bundle-version="3.5.100"
Manifest service-component OSGI-INF/ecfTransport.xml
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.core.contenttype_3.4.200.v20130326-1255.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.contenttype_3.4.200.v20130326-1255.jar
MD5: AE257D3DA2FDC3BDD6391FDFCBE9F752
SHA1: 09A032A98B4B139FA91522B10FDC61FFA9864414
Evidence
Source Name Value
file name 3.4.200.v20130326
file name org.eclipse.core.contenttype_3.4.200.v20130326-1255
file name org.eclipse.core.contenttype_3.4.200.v20130326-1255
jar package content
jar package core
jar package eclipse
jar package internal
jar package name content
jar package name core
jar package name eclipse
jar package name runtime
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4,CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.core.contenttype; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.4.200.v20130326-1255
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.runtime.git;path="bundles/org.eclipse.core.contenttype";tag="I20130402-0800";commitId=f7384dbdfaca23b79978109ac9681abf5400db30
Manifest require-bundle org.eclipse.equinox.preferences;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.registry;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ui.editors.source_3.8.100.v20130513-1637.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.editors.source_3.8.100.v20130513-1637.jar
MD5: AF71241ECD51F6710B949B277F01F1A6
SHA1: A989E973A10C7BBC3EE879768A7F5B7824DD1953
Evidence
Source Name Value
file name org.eclipse.ui.editors.source_3.8.100.v20130513-1637
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.editors.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.editors;version="3.8.100.v20130513-1637";roots:="."
org.eclipse.equinox.p2.operations.source_2.3.0.v20130603-1809.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.operations.source_2.3.0.v20130603-1809.jar
MD5: C0165DD03272ED5A9AEFBABC59F3657B
SHA1: A2A4E4E5639DE4D6A95FBF1433C682871AAB4993
Evidence
Source Name Value
file name org.eclipse.equinox.p2.operations.source_2.3.0.v20130603-1809
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.operations.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.operations;version="2.3.0.v20130603-1809";roots:="."
org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.300.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.300.v20130604-1622.jar
MD5: 58806A9EDC07412C3A7843F1ACF5F6B7
SHA1: 99C634376016E4C796F0D92F39A5B6836BFB1977
Evidence
Source Name Value
file name 1.0.300.v20130604
file name org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.300.v20130604-1622
file name org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.300.v20130604-1622
jar package ecf
jar package eclipse
jar package filetransfer
jar package provider
jar package name ecf
jar package name eclipse
jar package name filetransfer
jar package name provider
Manifest Bundle-Name %plugin.name
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.ecf.provider.filetransfer.httpclient4;singleton:=true
Manifest Bundle-Vendor %plugin.provider
Manifest Bundle-Version 1.0.300.v20130604-1622
Manifest require-bundle org.eclipse.equinox.common,org.eclipse.ecf.provider.filetransfer,org.eclipse.ecf,org.eclipse.ecf.filetransfer
Related Dependencies
org.eclipse.ecf.provider.filetransfer.httpclient4.source_1.0.300.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.provider.filetransfer.httpclient4.source_1.0.300.v20130604-1622.jar
SHA1: 9A32C94EE93F3CA034374A6F509E32FF2CD3321D
MD5: 7D6817CAB64EB94DE2F829C3197C952B
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.pde.junit.runtime.source_3.4.300.v20130422-2046.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.junit.runtime.source_3.4.300.v20130422-2046.jar
MD5: D6CB88E7B01AE6F18FE7559F0BD9C489
SHA1: 2552A9D7C20AB6B6CE58514BECB967EB609F0C22
Evidence
Source Name Value
file name org.eclipse.pde.junit.runtime.source_3.4.300.v20130422-2046
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.junit.runtime.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.junit.runtime;version="3.4.300.v20130422-2046";roots:="."
org.eclipse.equinox.registry_3.5.300.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.registry_3.5.300.v20130327-1442.jar
MD5: 56BBD73A516D9A36570542DD3DB54C93
SHA1: 442635DD9D7D23C8FC2809FB089A7B7ECDDF2DC0
Evidence
Source Name Value
file name 3.5.300.v20130327
file name org.eclipse.equinox.registry_3.5.300.v20130327-1442
file name org.eclipse.equinox.registry_3.5.300.v20130327-1442
jar package core
jar package eclipse
jar package internal
jar package registry
jar package name eclipse
jar package name registry
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.equinox.registry;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.5.300.v20130327-1442
Manifest comment-header 3.2
Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.registry";tag="I20130402-0800";commitId=452e0c8dae5a52ad9bb97e073caa16b40c3c1eee
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.runtime.source_3.9.0.v20130326-1255.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.runtime.source_3.9.0.v20130326-1255.jar
MD5: DC44B4DA32F06F8F2E0F7DC65C438244
SHA1: 221C5A2EB8F15576DA5B370DAC72260694ABD699
Evidence
Source Name Value
file name org.eclipse.core.runtime.source_3.9.0.v20130326-1255
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.runtime.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.runtime;version="3.9.0.v20130326-1255";roots:="."
org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar
MD5: FA0284F685E2744C11AE39B857C61BF6
SHA1: 364050C426BB0E949F2B6C2A7E4A2A4422237811
Evidence
Source Name Value
file name 1.0.400.v20130327
file name org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442
file name org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442
jar package eclipse
jar package equinox
jar package internal
jar package jsp
jar package name eclipse
jar package name equinox
jar package name jasper
jar package name jsp
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.equinox.jsp.jasper
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.400.v20130327-1442
Manifest comment-header 3.2
Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.jsp.jasper";tag="I20130402-0800";commitId=452e0c8dae5a52ad9bb97e073caa16b40c3c1eee
Related Dependencies
org.eclipse.equinox.simpleconfigurator_1.0.400.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.simpleconfigurator_1.0.400.v20130327-2119.jar
SHA1: 0615E60A644ED08A2B951A4BB034F5FD5B658DDA
MD5: A2F6B4878DCB012AFB10C2512DDABEEA
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
pdebuild-ant.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/pdebuild-ant.jar
MD5: 9F5D9E0561550FF46045409B9B6E7D8A
SHA1: 0F6E7EDB687F6CCA20BB149A61570DE7B4E26DA7
Evidence
Source Name Value
file name pdebuild-ant
jar package build
jar package eclipse
jar package internal
jar package pde
org.eclipse.ui.ide.application_1.0.400.v20130326-1250.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.ide.application_1.0.400.v20130326-1250.jar
MD5: 820DC358CCAE5C01895322FEFBB37D68
SHA1: FF0198E32D0F5C16F0241DDA3DFA1B1C7B8B10A8
Evidence
Source Name Value
file name 1.0.400.v20130326
file name org.eclipse.ui.ide.application_1.0.400.v20130326-1250
file name org.eclipse.ui.ide.application_1.0.400.v20130326-1250
jar package eclipse
jar package ide
jar package internal
jar package ui
jar package name eclipse
jar package name ide
jar package name ui
Manifest Bundle-Name %Plugin.name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.ide.application;singleton:=true
Manifest Bundle-Vendor %Plugin.providerName
Manifest Bundle-Version 1.0.400.v20130326-1250
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui.ide.application";tag="I20130402-0800";commitId=ac8cd02e835171340e42b92f4bc4f2c861c9a2ce
Manifest require-bundle org.eclipse.ui.ide;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.net;bundle-version="[1.0.0,2.0.0)",org.eclipse.core.filesystem;bundle-version="1.3.0"
Related Dependencies
org.eclipse.ui.ide.application.source_1.0.400.v20130326-1250.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.ide.application.source_1.0.400.v20130326-1250.jar
SHA1: E3143F3459FDF6CDE513D38D73BF42B7993EE67F
MD5: E37CD63D2001C49BAE4357F0A8ABA790
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.ui.intro.source_3.4.200.v20130326-1254.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.intro.source_3.4.200.v20130326-1254.jar
MD5: B28243C198509A8951CD059F5A31D273
SHA1: 2653735F7979E19E4572E009457783E88FA4FB5E
Evidence
Source Name Value
file name org.eclipse.ui.intro.source_3.4.200.v20130326-1254
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.intro.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.intro;version="3.4.200.v20130326-1254";roots:="."
org.eclipse.core.variables_3.2.700.v20130402-1741.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.variables_3.2.700.v20130402-1741.jar
MD5: 64CE972BF32FF3898C8A8C7C2EFD887A
SHA1: 9D8427A9C873DDFAFE82EF1505C4642D1EA9B6C0
Evidence
Source Name Value
file name 3.2.700.v20130402
file name org.eclipse.core.variables_3.2.700.v20130402-1741
file name org.eclipse.core.variables_3.2.700.v20130402-1741
jar package core
jar package eclipse
jar package internal
jar package variables
jar package name core
jar package name eclipse
jar package name variables
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.core.variables; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.2.700.v20130402-1741
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.debug.git;path="org.eclipse.core.variables";tag="I20130403-1027";commitId=272f7e6866abb5267f6c18f2c4c67e8495e62f8b
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ui.ide_3.9.0.v20130517-0139.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.ide_3.9.0.v20130517-0139.jar
MD5: D17528C3FB90C274E2845DB5798F5E65
SHA1: E35DDE831953EEBB5561844E9E5FB8FCD7BD31A3
Evidence
Source Name Value
file name 3.9.0.v20130517
file name org.eclipse.ui.ide_3.9.0.v20130517-0139
file name org.eclipse.ui.ide_3.9.0.v20130517-0139
jar package eclipse
jar package ui
jar package name eclipse
jar package name filesystem
jar package name ide
jar package name ui
jar package name views
Manifest Bundle-Name %Plugin.name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.ide; singleton:=true
Manifest Bundle-Vendor %Plugin.providerName
Manifest Bundle-Version 3.9.0.v20130517-0139
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui.ide";tag="I20130516-2200";commitId=f3a281531ddf2aa81af4f270c14c5f18ac7b8729
Manifest require-bundle org.eclipse.core.resources;bundle-version="[3.7.0,4.0.0)";resolution:=optional,org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.0.0,2.0.0)",org.eclipse.help;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.workbench;bundle-version="[3.7.0,4.0.0)",org.eclipse.ui.views;bundle-version="[3.2.0,4.0.0)";resolution:=optional,org.eclipse.jface.text;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.3.0,4.0.0)";resolution:=optional,org.eclipse.equinox.p2.engine;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.p2.metadata;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.bidi;bundle-version="[0.10.0,2.0.0)"
Related Dependencies
org.eclipse.ui.ide.source_3.9.0.v20130517-0139.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.ide.source_3.9.0.v20130517-0139.jar
SHA1: FB528EEEA098B711FB3F8F85141408022255543E
MD5: 01268237EF2ED32973E1FE62EDD33BF3
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.ui.cheatsheets.source_3.4.200.v20130326-1254.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.cheatsheets.source_3.4.200.v20130326-1254.jar
MD5: 3F595A1E3E28F31DF48B258714232FCA
SHA1: 30EB46E039E37EA72F5205709AAB8A6F5F20A37E
Evidence
Source Name Value
file name org.eclipse.ui.cheatsheets.source_3.4.200.v20130326-1254
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.cheatsheets.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.cheatsheets;version="3.4.200.v20130326-1254";roots:="."
org.eclipse.jface.text_3.8.100.v20130515-1957.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jface.text_3.8.100.v20130515-1957.jar
MD5: F22832488A980AD0BD2A54470A0162F7
SHA1: 5EE0A0E70F298E90A41AC636837D52568D6A3891
Evidence
Source Name Value
file name 3.8.100.v20130515
file name org.eclipse.jface.text_3.8.100.v20130515-1957
file name org.eclipse.jface.text_3.8.100.v20130515-1957
jar package eclipse
jar package jface
jar package text
jar package name eclipse
jar package name jface
jar package name text
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.jface.text
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.8.100.v20130515-1957
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.text.git;path="org.eclipse.jface.text";tag="I20130515-2000";commitId=ceddeb903a32bd3eacd05343555a66f96420275f
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.text;bundle-version="[3.5.0,4.0.0)";visibility:=reexport,org.eclipse.swt;bundle-version="[3.6.0,4.0.0)",org.eclipse.jface;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.resources.source_3.8.100.v20130521-2026.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.resources.source_3.8.100.v20130521-2026.jar
MD5: 28C041FD899287D27AAFD2401C5BD8B1
SHA1: 364809C7A1773065F1E91D278ACAB4375D4ADA18
Evidence
Source Name Value
file name org.eclipse.core.resources.source_3.8.100.v20130521-2026
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.resources.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.resources;version="3.8.100.v20130521-2026";roots:="ant_tasks/resources-antsrc,."
org.eclipse.jetty.io.source_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.io.source_8.1.10.v20130312.jar
MD5: C0A7147C53C18E84EFECE2DC9775A319
SHA1: 0877350F102C378FD32B12B48C2795169BFFE5D3
Evidence
Source Name Value
file name 8.1.10.v20130312
file name org.eclipse.jetty.io.source_8.1.10.v20130312
file name org.eclipse.jetty.io.source_8.1.10.v20130312
Manifest Bundle-Name Jetty :: IO Utility
Manifest bundle-symbolicname org.eclipse.jetty.io.source;singleton:=true
Manifest Bundle-Vendor Eclipse.org - Jetty
Manifest Bundle-Version 8.1.10.v20130312
Manifest eclipse-sourcebundle org.eclipse.jetty.io;version="8.1.10.v20130312";roots:="."
Related Dependencies
org.eclipse.jetty.continuation.source_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.continuation.source_8.1.10.v20130312.jar
SHA1: D16DFEB269795EFE2528E3D20EF5F6F97F6B6DB5
MD5: 95CA6072A463EB8FD62B4B286AE9808D
org.eclipse.jetty.http.source_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.http.source_8.1.10.v20130312.jar
SHA1: 2AA4C6F09E8A6D70F0A1A911D02E6CA65C428DC5
MD5: 32CEB226FA726644413C15891AA64165
org.eclipse.jetty.security.source_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.security.source_8.1.10.v20130312.jar
SHA1: C4A5C97280A1B26F4FC55DD3D2D37662ECB566A1
MD5: 8DBD6CDB613F6F6218E70988946FA292
org.eclipse.jetty.server.source_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.server.source_8.1.10.v20130312.jar
SHA1: 7181CCE966BEFC611F6DF826F3A42CB86AE25DD4
MD5: A99F254C4C0C4A5941F600677D3A9085
org.eclipse.jetty.servlet.source_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.servlet.source_8.1.10.v20130312.jar
SHA1: 5CE6AF2188710DFD50804887B62B34CDEBB1A621
MD5: AA34A0D4A8F97069F0B96A4C485B0D82
org.eclipse.jetty.util.source_8.1.10.v20130312.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jetty.util.source_8.1.10.v20130312.jar
SHA1: FD9184F05BE0C07F7A4B648EF2942DEBA5DECEA5
MD5: 115FB5B90813C8BA64AA6225282D6208
cpe: cpe:/a:jetty:jetty:8.1.10.v20130312
suppress
org.eclipse.equinox.http.servlet.source_1.1.400.v20130418-1354.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.http.servlet.source_1.1.400.v20130418-1354.jar
MD5: 53774F62F28BA8DFAD67B85F3C238B5C
SHA1: 9A6BAE3E0556A4AF2A84A8A93087574AAD6A1ED6
Evidence
Source Name Value
file name org.eclipse.equinox.http.servlet.source_1.1.400.v20130418-1354
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.http.servlet.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.http.servlet;version="1.1.400.v20130418-1354";roots:="."
org.eclipse.jdt.junit.core.source_3.7.200.v20130514-1154.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.junit.core.source_3.7.200.v20130514-1154.jar
MD5: E4B65D7E890EB308F504EB3FE28B0C39
SHA1: A6D6D0A0429998A2F2B7F4999D83EF5B372AA19A
Evidence
Source Name Value
file name org.eclipse.jdt.junit.core.source_3.7.200.v20130514-1154
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.junit.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.junit.core;version="3.7.200.v20130514-1154";roots:="."
org.eclipse.equinox.p2.ui.importexport.source_1.1.0.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.ui.importexport.source_1.1.0.v20130327-2119.jar
MD5: 0FBF67EBD62FBF2FF63AAF3FCF80DB62
SHA1: FD98076394B9417E9CA9CB5BAE616C2EF427AB30
Evidence
Source Name Value
file name org.eclipse.equinox.p2.ui.importexport.source_1.1.0.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.ui.importexport.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.ui.importexport;version="1.1.0.v20130327-2119";roots:="."
org.eclipse.help.ui.source_4.0.0.v20130515-1955.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.help.ui.source_4.0.0.v20130515-1955.jar
MD5: BBDC47F478F75465163610413F622B3C
SHA1: CFDC5487F1FAD9CE446BE414AE30B7F1FFA18AD1
Evidence
Source Name Value
file name org.eclipse.help.ui.source_4.0.0.v20130515-1955
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.help.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.help.ui;version="4.0.0.v20130515-1955";roots:="."
org.eclipse.ecf.filetransfer_5.0.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.filetransfer_5.0.0.v20130604-1622.jar
MD5: 2BCD9D0943EB967281F7BFF2F104636E
SHA1: 03E1F6731E4AC15CC48491EFC3B3DB63A3211026
Evidence
Source Name Value
file name org.eclipse.ecf.filetransfer_5.0.0.v20130604-1622
jar package ecf
jar package eclipse
jar package filetransfer
jar package name ecf
jar package name eclipse
jar package name filetransfer
Manifest Bundle-Name %plugin.name
Manifest bundle-requiredexecutionenvironment CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ecf.filetransfer;singleton:=true
Manifest Bundle-Vendor %plugin.provider
Manifest require-bundle org.eclipse.equinox.common,org.eclipse.equinox.registry,org.eclipse.ecf
org.eclipse.equinox.p2.artifact.repository_1.1.200.v20130515-2028.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.artifact.repository_1.1.200.v20130515-2028.jar
MD5: B8AB059388C7495907ADEFB34A168F20
SHA1: 6890C2CA75508285FBAAEC13E9323458CA4BD24D
Evidence
Source Name Value
file name 1.1.200.v20130515
file name org.eclipse.equinox.p2.artifact.repository_1.1.200.v20130515-2028
file name org.eclipse.equinox.p2.artifact.repository_1.1.200.v20130515-2028
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.p2.artifact.repository;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.200.v20130515-2028
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.artifact.repository";tag="I20130515-2000";commitId=fc6a1a5240224ab856a523e89bf15d04f776394b
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.registry,org.eclipse.equinox.p2.metadata
Manifest service-component OSGI-INF/repositoryManager.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.jdt.junit.source_3.7.200.v20130514-0733.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.junit.source_3.7.200.v20130514-0733.jar
MD5: 5A848DBE8772043E8E11D5600FD7C6D5
SHA1: 4BAA82DD9B435211E78B133C9C7DE51BFDC686A6
Evidence
Source Name Value
file name org.eclipse.jdt.junit.source_3.7.200.v20130514-0733
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.junit.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.junit;version="3.7.200.v20130514-0733";roots:="."
org.eclipse.jdt.core.manipulation_1.5.0.v20130605-1748.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.core.manipulation_1.5.0.v20130605-1748.jar
MD5: A6B2F9335FAB3914412EA399993F1268
SHA1: 544FF2D628BD01C94FDA72CD397F31E8522B5E06
Evidence
Source Name Value
file name org.eclipse.jdt.core.manipulation_1.5.0.v20130605-1748
jar package core
jar package eclipse
jar package jdt
jar package refactoring
jar package name core
jar package name eclipse
jar package name jdt
jar package name manipulation
jar package name refactoring
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.jdt.core.manipulation; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.ui.git;path="org.eclipse.jdt.core.manipulation";tag="I20130605-2000";commitId=b1685b025876ed72aedfc8c7af59129b19055e7d
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)",org.eclipse.ltk.core.refactoring;bundle-version="[3.6.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.8.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.100,4.0.0)",org.eclipse.text;bundle-version="[3.5.0,4.0.0)"
org.eclipse.equinox.p2.metadata.repository.source_1.2.100.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.metadata.repository.source_1.2.100.v20130327-2119.jar
MD5: 928B8EE9B063D4A2954768D44F408902
SHA1: A996253AD92F83BFB11C99965961171AC2BF32C3
Evidence
Source Name Value
file name org.eclipse.equinox.p2.metadata.repository.source_1.2.100.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.metadata.repository.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.metadata.repository;version="1.2.100.v20130327-2119";roots:="ant_tasks/metadataRepository-antsrc,."
org.eclipse.pde.junit.runtime_3.4.300.v20130422-2046.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.junit.runtime_3.4.300.v20130422-2046.jar
MD5: E69A2EA5DA64272CA9CD3CB996D4F7DE
SHA1: 27F58069B6D3B28CA6EC7AA1ABCD6C3778A41291
Evidence
Source Name Value
file name 3.4.300.v20130422
file name org.eclipse.pde.junit.runtime_3.4.300.v20130422-2046
file name org.eclipse.pde.junit.runtime_3.4.300.v20130422-2046
jar package eclipse
jar package internal
jar package junit
jar package pde
jar package name eclipse
jar package name junit
jar package name pde
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde.junit.runtime; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.4.300.v20130422-2046
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ui/org.eclipse.pde.junit.runtime";tag="I20130423-0017";commitId=73450d3d6e3c9093d2f6d9d64f972a967fef6a3e
Manifest require-bundle org.eclipse.jdt.junit.runtime;bundle-version="[3.2.0,4.0.0)",org.junit;bundle-version="3.8.2",org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui;bundle-version="[3.2.0,4.0.0)";resolution:=optional
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.ui.di_1.0.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.di_1.0.0.v20130515-1857.jar
MD5: 4D764FEA754C2F98B5CA0C5B3D9B8707
SHA1: F03E313D0F87DB2AE1B35542FC40C81DFF16C2DE
Evidence
Source Name Value
file name 1.0.0.v20130515
file name org.eclipse.e4.ui.di_1.0.0.v20130515-1857
file name org.eclipse.e4.ui.di_1.0.0.v20130515-1857
jar package di
jar package e4
jar package eclipse
jar package ui
jar package name di
jar package name e4
jar package name eclipse
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.di
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.0.v20130515-1857
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.di";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.e4.core.di;bundle-version="0.9.0",org.eclipse.e4.core.di.extensions;bundle-version="0.9.0",org.eclipse.osgi.services;bundle-version="[3.2.100,4.0.0)"
Manifest service-component OSGI-INF/eventsui.xml
Related Dependencies
org.eclipse.e4.ui.widgets_1.0.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.widgets_1.0.0.v20130515-1857.jar
SHA1: 19DFB271D4EE050720AA3D416F80A0349487D662
MD5: 34AC044DFB1FFE31BC05A133E908E7C3
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.p2.extensionlocation_1.2.100.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.extensionlocation_1.2.100.v20130327-2119.jar
MD5: 65C166C0B082F56306FF6DAA501A9BDD
SHA1: 4520EC6677DC078E4349CA51233E9A1EDF3EBAFF
Evidence
Source Name Value
file name 1.2.100.v20130327
file name org.eclipse.equinox.p2.extensionlocation_1.2.100.v20130327-2119
file name org.eclipse.equinox.p2.extensionlocation_1.2.100.v20130327-2119
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.extensionlocation;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.2.100.v20130327-2119
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.extensionlocation";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.p2.metadata
Related Dependencies
org.eclipse.equinox.p2.metadata.repository_1.2.100.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.metadata.repository_1.2.100.v20130327-2119.jar
SHA1: 8A4BDEF3273714B15F4F42D2949B6D4CB994FBB3
MD5: 7B09A603A40B01EBAF6917F6E95E5C0C
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.cvs_1.4.0.v20130605-2000.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.cvs_1.4.0.v20130605-2000.jar
MD5: 297FE81A96BFE876EE6BD8A0DFD078DB
SHA1: A543969262A56D9E9A980BFEF5CAAAF6FD786521
Evidence
Source Name Value
file name 1.4.0.v20130605
file name org.eclipse.cvs_1.4.0.v20130605-2000
file name org.eclipse.cvs_1.4.0.v20130605-2000
Manifest Bundle-Name %pluginName
Manifest bundle-symbolicname org.eclipse.cvs; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.4.0.v20130605-2000
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.releng.git;path="bundles/org.eclipse.cvs";tag="I20130605-2000";commitId=28aff176d9423c92418bbb3b2af41548638d5bb1
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ui_3.105.0.v20130522-1122.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui_3.105.0.v20130522-1122.jar
MD5: 1BDEF129088A7FF1DE201A90BF0C6231
SHA1: 86DBBA1F6B9674E256E74F2DA5FE94AEFCAD3708
Evidence
Source Name Value
file name org.eclipse.ui_3.105.0.v20130522-1122
jar package eclipse
jar package internal
jar package ui
jar package name eclipse
jar package name ui
Manifest Bundle-Name %Plugin.name
Manifest bundle-requiredexecutionenvironment CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.ui; singleton:=true
Manifest Bundle-Vendor %Plugin.providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui";tag="I20130522-1320";commitId=e0ac33b9effcd882700d032de6c48c903623c8da
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.swt;bundle-version="[3.101.0,4.0.0)";visibility:=reexport,org.eclipse.jface;bundle-version="[3.9.0,4.0.0)";visibility:=reexport,org.eclipse.ui.workbench;bundle-version="[3.105.0,4.0.0)";visibility:=reexport,org.eclipse.core.expressions;bundle-version="[3.4.0,4.0.0)"
org.eclipse.ltk.ui.refactoring.source_3.7.100.v20130605-1748.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ltk.ui.refactoring.source_3.7.100.v20130605-1748.jar
MD5: 49B13EAC7E5161FF66A7C99B2E0D9D79
SHA1: BC3484EF3DD4D814C4C6226257729830AF32D1CB
Evidence
Source Name Value
file name org.eclipse.ltk.ui.refactoring.source_3.7.100.v20130605-1748
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ltk.ui.refactoring.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ltk.ui.refactoring;version="3.7.100.v20130605-1748";roots:="."
org.eclipse.equinox.p2.updatesite_1.0.400.v20130515-2028.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.updatesite_1.0.400.v20130515-2028.jar
MD5: ABCE70209E1183878AE286B618DE3965
SHA1: 33887BE099212E7A61923AE90BCBE6B32F47E2A6
Evidence
Source Name Value
file name 1.0.400.v20130515
file name org.eclipse.equinox.p2.updatesite_1.0.400.v20130515-2028
file name org.eclipse.equinox.p2.updatesite_1.0.400.v20130515-2028
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.updatesite;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.400.v20130515-2028
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.updatesite";tag="I20130515-2000";commitId=fc6a1a5240224ab856a523e89bf15d04f776394b
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.3.0,4.0.0)",org.eclipse.equinox.p2.metadata.repository;bundle-version="0.1.0",org.eclipse.equinox.p2.artifact.repository;bundle-version="0.1.0"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.ui.model.workbench_1.0.0.v20130605-1738.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.model.workbench_1.0.0.v20130605-1738.jar
MD5: 16D2AED633C402E46F9F574879D3ACFE
SHA1: EAB93546AAAF2A7836EEFAEC6FFBBC729661A849
Evidence
Source Name Value
file name org.eclipse.e4.ui.model.workbench_1.0.0.v20130605-1738
jar package e4
jar package eclipse
jar package model
jar package ui
jar package name e4
jar package name eclipse
jar package name model
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.e4.ui.model.workbench;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.e4.ui.model.workbench";tag="I20130605-2000";commitId=9254fa5838268f598a9608d5d72cf2a66dcdcd33
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.7.0,4.0.0)",org.eclipse.e4.core.services;bundle-version="0.9.0",org.eclipse.e4.core.contexts;bundle-version="1.0.0",org.eclipse.core.commands;bundle-version="[3.5.0,4.0.0)",org.eclipse.e4.core.di;bundle-version="1.0.0",org.eclipse.emf.ecore;bundle-version="2.9.0"
org.eclipse.equinox.console_1.0.100.v20130429-0953.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.console_1.0.100.v20130429-0953.jar
MD5: 997CA2F13BCD3CCAF0499FE9C878F870
SHA1: 9BAB65D301609309156F54CC83E17ED55EFC5059
Evidence
Source Name Value
file name 1.0.100.v20130429
file name org.eclipse.equinox.console_1.0.100.v20130429-0953
file name org.eclipse.equinox.console_1.0.100.v20130429-0953
jar package console
jar package eclipse
jar package equinox
jar package name console
jar package name eclipse
jar package name equinox
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.console
Manifest Bundle-Vendor %bundleVendor
Manifest Bundle-Version 1.0.100.v20130429-0953
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.console";tag="I20130429-2000";commitId=8cbda223069c62390bfa22a266dad5d7a9b9526c
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.ui.navigator.resources_3.4.500.v20130516-1049.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.navigator.resources_3.4.500.v20130516-1049.jar
MD5: BE85626A4B8E9D0186E6495559DD3298
SHA1: 57E2D679E72097F2C1D5E98D2731E6179F5329B1
Evidence
Source Name Value
file name 3.4.500.v20130516
file name org.eclipse.ui.navigator.resources_3.4.500.v20130516-1049
file name org.eclipse.ui.navigator.resources_3.4.500.v20130516-1049
jar package eclipse
jar package internal
jar package navigator
jar package ui
jar package name eclipse
jar package name navigator
jar package name resources
jar package name ui
Manifest Bundle-Name %Plugin.name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.navigator.resources; singleton:=true
Manifest Bundle-Vendor %Plugin.providerName
Manifest Bundle-Version 3.4.500.v20130516-1049
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui.navigator.resources";tag="I20130516-2200";commitId=f3a281531ddf2aa81af4f270c14c5f18ac7b8729
Manifest require-bundle org.eclipse.ui.ide;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.6.0,4.0.0)",org.eclipse.jface;bundle-version="[3.6.0,4.0.0)",org.eclipse.ui;bundle-version="[3.6.0,4.0.0)",org.eclipse.ui.navigator;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.ui.views.properties.tabbed;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.workbench.texteditor;bundle-version="[3.6.0,4.0.0)",org.eclipse.ltk.core.refactoring;bundle-version="[3.5.0,4.0.0)",org.eclipse.ltk.ui.refactoring;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.jdt.junit.runtime.source_3.4.400.v20130514-0733.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.junit.runtime.source_3.4.400.v20130514-0733.jar
MD5: E58C266E22B23E318197A1ECE34BFE8A
SHA1: 6B2EADFBA737EA45C06D0DA1FF82AEB1CE03DAF7
Evidence
Source Name Value
file name org.eclipse.jdt.junit.runtime.source_3.4.400.v20130514-0733
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.junit.runtime.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.junit.runtime;version="3.4.400.v20130514-0733";roots:="."
org.eclipse.equinox.frameworkadmin.equinox.source_1.0.500.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.frameworkadmin.equinox.source_1.0.500.v20130327-2119.jar
MD5: 7705F32B23890829B4E6E870BBE4AEAF
SHA1: E15AB644764A6B0BC655DB9585393A31675617FB
Evidence
Source Name Value
file name org.eclipse.equinox.frameworkadmin.equinox.source_1.0.500.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.frameworkadmin.equinox.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.frameworkadmin.equinox;version="1.0.500.v20130327-2119";roots:="."
org.eclipse.jdt.junit4.runtime.source_1.1.300.v20130514-0733.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.junit4.runtime.source_1.1.300.v20130514-0733.jar
MD5: BB9646BE042F8E48ED5C045E6FF9DCC3
SHA1: 1F49977DC29901786F277A4A0BE42DA7506F8421
Evidence
Source Name Value
file name org.eclipse.jdt.junit4.runtime.source_1.1.300.v20130514-0733
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.junit4.runtime.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.junit4.runtime;version="1.1.300.v20130514-0733";roots:="."
org.eclipse.equinox.p2.director_2.3.0.v20130526-0335.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.director_2.3.0.v20130526-0335.jar
MD5: E4FD302E8CE3A0063C48E89F339E3471
SHA1: 1F765132A1394A1240C5AAFBCA16730BF9B54210
Evidence
Source Name Value
file name org.eclipse.equinox.p2.director_2.3.0.v20130526-0335
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name equinox
jar package name p2
jar package name planner
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.p2.director;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.director";tag="I20130526-0051";commitId=fc958e5370b322d44ad3a807091617cf7d73545b
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.jobs;bundle-version="[3.3.0,4.0.0)",org.eclipse.equinox.p2.metadata;bundle-version="[2.0.0,3.0.0)",org.sat4j.core;bundle-version="[2.3.5,3.0.0)",org.sat4j.pb;bundle-version="[2.3.5,3.0.0)"
Manifest service-component OSGI-INF/director.xml, OSGI-INF/planner.xml
org.eclipse.ui.win32.source_3.2.400.v20130516-1056.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.win32.source_3.2.400.v20130516-1056.jar
MD5: BED1BD67CDAB11E5495535B4C2C7449B
SHA1: 1275473CEEA22E4FF44891F16AE9DE8E0092C281
Evidence
Source Name Value
file name org.eclipse.ui.win32.source_3.2.400.v20130516-1056
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.win32.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.win32;version="3.2.400.v20130516-1056";roots:="."
org.eclipse.equinox.p2.updatechecker.source_1.1.200.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.updatechecker.source_1.1.200.v20130327-2119.jar
MD5: CA0DA9467BAC0DC930A364DE3B77CE17
SHA1: 762EAC7713A5D0613390C2F6421D93F42FBBE86D
Evidence
Source Name Value
file name org.eclipse.equinox.p2.updatechecker.source_1.1.200.v20130327-2119
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.updatechecker.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.updatechecker;version="1.1.200.v20130327-2119";roots:="."
org.eclipse.equinox.event_1.3.0.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.event_1.3.0.v20130327-1442.jar
MD5: 346393F004DED5867438792DD976DA02
SHA1: 0191496C763BDB392B2A2BED6B7396647ABE4662
Evidence
Source Name Value
file name 1.3.0.v20130327
file name org.eclipse.equinox.event_1.3.0.v20130327-1442
file name org.eclipse.equinox.event_1.3.0.v20130327-1442
jar package eclipse
jar package equinox
jar package event
jar package internal
jar package name eclipse
jar package name equinox
jar package name event
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.equinox.event
Manifest Bundle-Vendor %bundleVendor
Manifest Bundle-Version 1.3.0.v20130327-1442
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.event";tag="I20130402-0800";commitId=452e0c8dae5a52ad9bb97e073caa16b40c3c1eee
Manifest service-component OSGI-INF/component.xml
Related Dependencies
org.eclipse.equinox.launcher_1.3.0.v20130327-1440.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.launcher_1.3.0.v20130327-1440.jar
SHA1: 5B5602E01F617092B64AFCA7437C994B23B0E788
MD5: 3353AD95A917643CDEB629A8F107D310
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.swt.win32.win32.x86.source_3.102.0.v20130605-1544.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.swt.win32.win32.x86.source_3.102.0.v20130605-1544.jar
MD5: 1129FD6E5319EE01F8334D321ECFC450
SHA1: 4B16549B5F482C891D5BC7CEA2B9702D3AF0C208
Evidence
Source Name Value
file name org.eclipse.swt.win32.win32.x86.source_3.102.0.v20130605-1544
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.swt.win32.win32.x86.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.swt.win32.win32.x86;version="3.102.0.v20130605-1544";roots:="."
org.eclipse.team.cvs.core.source_3.3.500.v20130515-2011.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.team.cvs.core.source_3.3.500.v20130515-2011.jar
MD5: 12960290F82CE5D8DAD9B3119FA0BDF8
SHA1: 448A93EC03F1C548C2C734B4BE03B4434BE44259
Evidence
Source Name Value
file name 3.3.500.v20130515
file name org.eclipse.team.cvs.core.source_3.3.500.v20130515-2011
file name org.eclipse.team.cvs.core.source_3.3.500.v20130515-2011
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.team.cvs.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest Bundle-Version 3.3.500.v20130515-2011
Manifest eclipse-sourcebundle org.eclipse.team.cvs.core;version="3.3.500.v20130515-2011";roots:="."
org.eclipse.equinox.p2.core_2.3.0.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.core_2.3.0.v20130327-2119.jar
MD5: BF92C5685811A518578CC379D3288256
SHA1: 17EE006FC0DAE98EBBB981420AA676CF40124CF1
Evidence
Source Name Value
file name 2.3.0.v20130327
file name org.eclipse.equinox.p2.core_2.3.0.v20130327-2119
file name org.eclipse.equinox.p2.core_2.3.0.v20130327-2119
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name core
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.core;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 2.3.0.v20130327-2119
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.core";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)"
Manifest service-component OSGI-INF/eventBus.xml, OSGI-INF/agentProvider.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.help_3.6.0.v20130326-1254.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.help_3.6.0.v20130326-1254.jar
MD5: 690F4FC32FF669FE12036652DEE9719F
SHA1: A3F97179A1C3380EB4272F6F7222E3E1D5DE039D
Evidence
Source Name Value
file name 3.6.0.v20130326
file name org.eclipse.help_3.6.0.v20130326-1254
file name org.eclipse.help_3.6.0.v20130326-1254
jar package eclipse
jar package help
jar package internal
jar package name eclipse
jar package name help
Manifest Bundle-Name %help_plugin_name
Manifest bundle-requiredexecutionenvironment J2SE-1.4,CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.help; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.6.0.v20130326-1254
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ua.git;path="org.eclipse.help";tag="I20130402-0800";commitId=4069ea9718102db6d035e7939ac9586e73fbbcef
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.6.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.200,4.0.0)";visibility:=reexport
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.ui.model.workbench.source_1.0.0.v20130605-1738.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.model.workbench.source_1.0.0.v20130605-1738.jar
MD5: 8C6B4E07BE50848E22F6F2ACE9D8EB71
SHA1: 857B046D9A5964A077D5D9AB0AF1B0CE416AF922
Evidence
Source Name Value
file name org.eclipse.e4.ui.model.workbench.source_1.0.0.v20130605-1738
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.model.workbench.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.model.workbench;version="1.0.0.v20130605-1738";roots:="."
org.eclipse.equinox.p2.engine_2.3.0.v20130526-2122.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.engine_2.3.0.v20130526-2122.jar
MD5: 165F5247289C02A765398AA86BCFC803
SHA1: 56A827180ACE2748BBE772DAA7DE95503779DB79
Evidence
Source Name Value
file name 2.3.0.v20130526
file name org.eclipse.equinox.p2.engine_2.3.0.v20130526-2122
file name org.eclipse.equinox.p2.engine_2.3.0.v20130526-2122
jar package eclipse
jar package equinox
jar package internal
jar package p2
jar package name eclipse
jar package name engine
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.engine;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 2.3.0.v20130526-2122
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.engine";tag="I20130526-2000";commitId=533b004da27980dc5be3b56dee63d51d34dc2685
Manifest require-bundle org.eclipse.equinox.common,org.eclipse.equinox.registry,org.eclipse.core.jobs;bundle-version="[3.4.0,4.0.0)"
Manifest service-component OSGI-INF/profileRegistry.xml, OSGI-INF/engine.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.core.resources.win32.x86_3.5.100.v20100505-1741.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.resources.win32.x86_3.5.100.v20100505-1741.jar
MD5: B52000872C4998076FB0F4A9DA8736BE
SHA1: 89343563D54B38A26A2AB51DD584E953E6554672
Evidence
Source Name Value
file name 3.5.100.v20100505
file name org.eclipse.core.resources.win32.x86_3.5.100.v20100505-1741
file name org.eclipse.core.resources.win32.x86_3.5.100.v20100505-1741
Manifest Bundle-Name %win32FragmentName
Manifest bundle-symbolicname org.eclipse.core.resources.win32.x86;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.5.100.v20100505-1741
Manifest eclipse-platformfilter (& (osgi.os=win32) (osgi.arch=x86))
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.resources.git;path="bundles/org.eclipse.core.resources.win32.x86";tag="I20130402-0800";commitId=0621f2a34ffbbf33d9df4955717872b510e3bbda
Manifest fragment-host org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.update.configurator.source_3.3.200.v20130326-1319.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.update.configurator.source_3.3.200.v20130326-1319.jar
MD5: 08BADF8AD523F3AA19EDFEC85F9F10E7
SHA1: 5D5252E13C202534A5CEA992A48023637C783FD9
Evidence
Source Name Value
file name org.eclipse.update.configurator.source_3.3.200.v20130326-1319
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.update.configurator.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.update.configurator;version="3.3.200.v20130326-1319";roots:="."
org.eclipse.jdt.junit.core_3.7.200.v20130514-1154.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.junit.core_3.7.200.v20130514-1154.jar
MD5: 70F1421D624DA1169538F475ECAF0059
SHA1: EEC884EB51A29BE61C83863150F7355D4588E409
Evidence
Source Name Value
file name org.eclipse.jdt.junit.core_3.7.200.v20130514-1154
jar package eclipse
jar package internal
jar package jdt
jar package junit
jar package name eclipse
jar package name jdt
jar package name junit
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.jdt.junit.core;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.ui.git;path="org.eclipse.jdt.junit.core";tag="I20130514-1303";commitId=6684836879074aa2329095fd2a49259bd18e304d
Manifest require-bundle org.eclipse.core.expressions;bundle-version="[3.4.100,4.0.0)",org.eclipse.core.resources;bundle-version="[3.8.100,4.0.0)",org.eclipse.debug.core;bundle-version="[3.5.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.7.0,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.5.0,4.0.0)",org.eclipse.jdt.junit.runtime;bundle-version="[3.4.100,4.0.0)",org.eclipse.core.variables;bundle-version="[3.2.200,4.0.0)",org.eclipse.equinox.simpleconfigurator.manipulator;bundle-version="[2.0.0,3.0.0)",org.eclipse.equinox.frameworkadmin;bundle-version="[2.0.0,3.0.0)"
org.eclipse.ui.browser.source_3.4.100.v20130527-1656.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.browser.source_3.4.100.v20130527-1656.jar
MD5: B6D3C0CEEA3971985985C186343A399E
SHA1: 7A53B0B1A8AE4DDE1281071351808A865ED07217
Evidence
Source Name Value
file name org.eclipse.ui.browser.source_3.4.100.v20130527-1656
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.browser.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.browser;version="3.4.100.v20130527-1656";roots:="."
org.eclipse.core.runtime_3.9.0.v20130326-1255.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.runtime_3.9.0.v20130326-1255.jar
MD5: 0DDE7C81B2E6278CDD4A4B4821A54419
SHA1: 47EEDFA6E872020604DB4B2E1949AA6CA273AC6A
Evidence
Source Name Value
file name org.eclipse.core.runtime_3.9.0.v20130326-1255
jar package core
jar package eclipse
jar package runtime
jar package name core
jar package name eclipse
jar package name platform
jar package name plugin
jar package name preferences
jar package name runtime
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.core.runtime; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.runtime.git;path="bundles/org.eclipse.core.runtime";tag="I20130402-0800";commitId=f7384dbdfaca23b79978109ac9681abf5400db30
Manifest require-bundle org.eclipse.osgi;bundle-version="[3.7.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.common;bundle-version="[3.6.100,4.0.0)";visibility:=reexport,org.eclipse.core.jobs;bundle-version="[3.2.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.registry;bundle-version="[3.4.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.preferences;bundle-version="[3.4.0,4.0.0)";visibility:=reexport,org.eclipse.core.contenttype;bundle-version="[3.3.0,4.0.0)";visibility:=reexport,org.eclipse.core.runtime.compatibility.auth;bundle-version="[3.2.0,4.0.0)";resolution:=optional,org.eclipse.equinox.app;bundle-version="1.0.0";visibility:=reexport
org.eclipse.team.cvs.ssh2_3.2.300.v20111007-1310.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.team.cvs.ssh2_3.2.300.v20111007-1310.jar
MD5: EB9DEB62C06FF9DDBBF004FFD0CF8FDD
SHA1: 4C3AF00E993B65632D91C4D20F1B9ECFF88830D4
Evidence
Source Name Value
file name 3.2.300.v20111007
file name org.eclipse.team.cvs.ssh2_3.2.300.v20111007-1310
file name org.eclipse.team.cvs.ssh2_3.2.300.v20111007-1310
jar package ccvs
jar package eclipse
jar package internal
jar package team
jar package name eclipse
jar package name team
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.team.cvs.ssh2; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.2.300.v20111007-1310
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.team.cvs.ssh2";tag="I20130402-0800";commitId=79c5562d4c74180311d4b7d7e8f82ffa068e9cb7
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.team.cvs.core;bundle-version="[3.3.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.3.0,4.0.0)",org.eclipse.team.cvs.ssh;bundle-version="[3.2.0,4.0.0)";resolution:=optional,com.jcraft.jsch;bundle-version="[0.1.27,2.0.0)",org.eclipse.jsch.core;bundle-version="[1.1.0,2.0.0)"
org.eclipse.e4.ui.css.core.source_0.10.100.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.css.core.source_0.10.100.v20130515-1857.jar
MD5: 86A5FB527E91D4AA7D04713D09A30F2D
SHA1: 1F3AE66272022B55548C84E23FC971F7A9A355D1
Evidence
Source Name Value
file name org.eclipse.e4.ui.css.core.source_0.10.100.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.css.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.css.core;version="0.10.100.v20130515-1857";roots:="."
org.eclipse.equinox.registry.source_3.5.300.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.registry.source_3.5.300.v20130327-1442.jar
MD5: 490F6B1E637A233EFA9FF9959FA03502
SHA1: EF9125462EFBC9A26B65EFAF6070B519F6A3D6E7
Evidence
Source Name Value
file name org.eclipse.equinox.registry.source_3.5.300.v20130327-1442
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.registry.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.registry;version="3.5.300.v20130327-1442";roots:="."
org.eclipse.equinox.jsp.jasper.registry.source_1.0.300.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.jsp.jasper.registry.source_1.0.300.v20130327-1442.jar
MD5: 87B6A85738392D5A9540E1B08E2775BC
SHA1: 7CCE54D54B3390E882E919A0432E47214EC5A318
Evidence
Source Name Value
file name org.eclipse.equinox.jsp.jasper.registry.source_1.0.300.v20130327-1442
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.jsp.jasper.registry.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.jsp.jasper.registry;version="1.0.300.v20130327-1442";roots:="."
org.eclipse.compare.source_3.5.400.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.compare.source_3.5.400.v20130514-1224.jar
MD5: 2F9573887EAC5E5817A1866BE83A66AD
SHA1: 7396BEE0819F24EA993E3E9F17DA062969B3F2C7
Evidence
Source Name Value
file name org.eclipse.compare.source_3.5.400.v20130514-1224
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.compare.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.compare;version="3.5.400.v20130514-1224";roots:="."
org.eclipse.pde.api.tools.ui_1.0.400.v20130508-1748.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.api.tools.ui_1.0.400.v20130508-1748.jar
MD5: C3ADA8699B73EC22035E32A2653FA97B
SHA1: 26FECAACA46451F7E229A800626235119640AC91
Evidence
Source Name Value
file name 1.0.400.v20130508
file name org.eclipse.pde.api.tools.ui_1.0.400.v20130508-1748
file name org.eclipse.pde.api.tools.ui_1.0.400.v20130508-1748
jar package api
jar package eclipse
jar package pde
jar package tools
jar package name api
jar package name eclipse
jar package name pde
jar package name tools
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde.api.tools.ui; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.0.400.v20130508-1748
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="apitools/org.eclipse.pde.api.tools.ui";tag="I20130508-2000";commitId=29279c122b9a3e86c5fcb3ffbb0e10d755c39821
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.4.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.8.0,4.0.0)",org.eclipse.pde.ui;bundle-version="[3.4.0,4.0.0)",org.eclipse.pde.api.tools;bundle-version="[1.0.400,4.0.0)",org.eclipse.ui;bundle-version="[3.4.0,4.0.0)",org.eclipse.jdt.ui;bundle-version="[3.8.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.4.0,4.0.0)",org.eclipse.jdt.launching;bundle-version="[3.6.100,4.0.0)",org.eclipse.core.resources;bundle-version="[3.4.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.3.100,4.0.0)",org.eclipse.ui.ide;bundle-version="[3.4.0,4.0.0)",org.eclipse.search;bundle-version="[3.4.0,4.0.0)",org.eclipse.ui.editors;bundle-version="[3.4.0,4.0.0)",org.eclipse.ltk.core.refactoring;bundle-version="[3.4.0,4.0.0)",org.eclipse.ltk.ui.refactoring;bundle-version="[3.4.0,4.0.0)",org.eclipse.core.expressions;bundle-version="3.4.100",org.eclipse.equinox.frameworkadmin;bundle-version="[2.0.0,3.0.0)",org.eclipse.debug.core;bundle-version="[3.4.0,4.0.0)",org.eclipse.debug.ui;bundle-version="[3.4.0,4.0.0)",org.eclipse.ui.trace;bundle-version="1.0.0"
Published Vulnerabilities
CVE-2008-7271 suppress
Severity:
Medium
CVSS Score: 4.3
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (2) the workingSet parameter in an add action to help/advanced/workingSetManager.jsp, a different issue than CVE-2010-4647.
Vulnerable Software & Versions:
org.eclipse.jface.source_3.9.0.v20130521-1714.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jface.source_3.9.0.v20130521-1714.jar
MD5: FC7EAF5B7510B494D3F09D011AA5BCA3
SHA1: E2D5337A04CE5E83C08515B8014730904A8E3EB6
Evidence
Source Name Value
file name org.eclipse.jface.source_3.9.0.v20130521-1714
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jface.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jface;version="3.9.0.v20130521-1714";roots:="."
org.eclipse.emf.ecore.change_2.9.0.v20130528-0742.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.emf.ecore.change_2.9.0.v20130528-0742.jar
MD5: D0196F7FA4908FC60EAA984FC22D444B
SHA1: CCBEBA1B3283537F4A13E88C2A248F119FA20263
Evidence
Source Name Value
file name org.eclipse.emf.ecore.change_2.9.0.v20130528-0742
jar package change
jar package eclipse
jar package ecore
jar package emf
jar package name change
jar package name eclipse
jar package name ecore
jar package name emf
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.emf.ecore.change; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.emf.ecore;visibility:="reexport";bundle-version="[2.9.0,3.0.0)"
org.eclipse.equinox.app.source_1.3.100.v20130327-1442.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.app.source_1.3.100.v20130327-1442.jar
MD5: 276F96D79ED0DFBAA26BEDCC199F3B12
SHA1: A3A24B7CB84133A820864141172D98B02A7E1A4F
Evidence
Source Name Value
file name org.eclipse.equinox.app.source_1.3.100.v20130327-1442
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.app.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.app;version="1.3.100.v20130327-1442";roots:="."
org.eclipse.ui.forms.source_3.6.0.v20130517-0139.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.forms.source_3.6.0.v20130517-0139.jar
MD5: B5A4E1795EC2870E5DF9AD0DF95BB09A
SHA1: 3FB25BEF4A146C0E25D7F50883A9FB49B1C5F497
Evidence
Source Name Value
file name org.eclipse.ui.forms.source_3.6.0.v20130517-0139
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.forms.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.forms;version="3.6.0.v20130517-0139";roots:="."
org.eclipse.jdt.annotation_1.1.0.v20130513-1648.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.annotation_1.1.0.v20130513-1648.jar
MD5: FC42EB69910D1D977992DFF22BEB09CB
SHA1: 0249DC9E5BC785336678387F89374ABE6136DC19
Evidence
Source Name Value
file name 1.1.0.v20130513
file name org.eclipse.jdt.annotation_1.1.0.v20130513-1648
file name org.eclipse.jdt.annotation_1.1.0.v20130513-1648
jar package annotation
jar package eclipse
jar package jdt
jar package name annotation
jar package name eclipse
jar package name jdt
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.5
Manifest bundle-symbolicname org.eclipse.jdt.annotation
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.0.v20130513-1648
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.core.git;path="org.eclipse.jdt.annotation";tag="I20130513-1600";commitId=636fc8bdb03980abc82565dbe842499f65436dcc
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.core.di.source_1.3.0.v20130514-1256.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.core.di.source_1.3.0.v20130514-1256.jar
MD5: 27A335D4EFEBE5C498565BA08C2C103B
SHA1: B5ECBC48D1947E3786231EF3514B71333C61D36B
Evidence
Source Name Value
file name org.eclipse.e4.core.di.source_1.3.0.v20130514-1256
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.core.di.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.core.di;version="1.3.0.v20130514-1256";roots:="."
org.eclipse.pde.runtime_3.4.400.v20130402-1757.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.runtime_3.4.400.v20130402-1757.jar
MD5: A0B44975B777E1FC19C2CBABD937C506
SHA1: C063292FBF6A501B2401514565AFB6D0DFDBFB75
Evidence
Source Name Value
file name org.eclipse.pde.runtime_3.4.400.v20130402-1757
jar package eclipse
jar package internal
jar package pde
jar package runtime
jar package name eclipse
jar package name pde
jar package name runtime
Manifest Bundle-Name %name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde.runtime; singleton:=true
Manifest Bundle-Vendor %provider-name
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ui/org.eclipse.pde.runtime";tag="I20130409-0800";commitId=2ca89ec9388f87c3a7139beb1594a2dd468ac92f
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui;bundle-version="[3.3.0,4.0.0)",org.eclipse.ui.forms;bundle-version="[3.3.0,4.0.0)",org.eclipse.jdt.core;bundle-version="[3.3.0,4.0.0)";resolution:=optional,org.eclipse.core.resources;bundle-version="[3.3.0,4.0.0)";resolution:=optional,org.eclipse.jdt.ui;bundle-version="[3.3.0,4.0.0)";resolution:=optional,org.eclipse.pde.ui;bundle-version="[3.3.0,4.0.0)";resolution:=optional,org.eclipse.help;bundle-version="[3.3.0,4.0.0)";resolution:=optional
org.eclipse.ltk.core.refactoring.source_3.6.100.v20130605-1748.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ltk.core.refactoring.source_3.6.100.v20130605-1748.jar
MD5: 87E920823B2B5D19FB4C97A66651CCD6
SHA1: 8E4B779093211C6DDE650B9CFF00C938C6D334D4
Evidence
Source Name Value
file name org.eclipse.ltk.core.refactoring.source_3.6.100.v20130605-1748
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ltk.core.refactoring.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ltk.core.refactoring;version="3.6.100.v20130605-1748";roots:="."
org.eclipse.ui.views.log.source_1.0.400.v20130515-2009.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.views.log.source_1.0.400.v20130515-2009.jar
MD5: BBC7E73DF66884F3E914663E8F51503D
SHA1: 279968BE665C5AFA1D31B9AB87A0CD90250B1567
Evidence
Source Name Value
file name org.eclipse.ui.views.log.source_1.0.400.v20130515-2009
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.ui.views.log.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.ui.views.log;version="1.0.400.v20130515-2009";roots:="."
org.eclipse.pde_3.8.100.v20130605-2000.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde_3.8.100.v20130605-2000.jar
MD5: 1BE3CAEFDE2FC88D946A78950FDCB2EB
SHA1: 6CFA48C8AF3E1DD9FA9D8D2080899F69C21711C9
Evidence
Source Name Value
file name 3.8.100.v20130605
file name org.eclipse.pde_3.8.100.v20130605-2000
file name org.eclipse.pde_3.8.100.v20130605-2000
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.8.100.v20130605-2000
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ui/org.eclipse.pde";tag="I20130529-2000";commitId=4c1c40c39bf4ef7f40947f109891be17ba006ffc
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.compare.win32_1.0.200.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.compare.win32_1.0.200.v20130514-1224.jar
MD5: A2B2828818232861E80E7A18B524112C
SHA1: 5CA9E3C6CA2DB79D511F635203269DCE50531812
Evidence
Source Name Value
file name org.eclipse.compare.win32_1.0.200.v20130514-1224
jar package compare
jar package eclipse
jar package internal
jar package win32
jar package name compare
jar package name eclipse
jar package name win32
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.compare.win32;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-platformfilter (osgi.os=win32)
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.compare.win32";tag="I20130514-0919";commitId=a293d95118c40d93026a747f8d9bd4e609352a91
Manifest require-bundle org.eclipse.compare;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.2.0,2.0.0)",org.eclipse.ui.forms;bundle-version="[3.4.0,4.0.0)",org.eclipse.ui.workbench;bundle-version="[3.5.0,4.0.0)",org.eclipse.jface;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)"
org.eclipse.compare.core_3.5.300.v20130514-1224.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.compare.core_3.5.300.v20130514-1224.jar
MD5: 90643CE50BCA388899B7421054139B54
SHA1: 115B19B145AAA8E9607BF03AE1B57DD9D0EAE649
Evidence
Source Name Value
file name 3.5.300.v20130514
file name org.eclipse.compare.core_3.5.300.v20130514-1224
file name org.eclipse.compare.core_3.5.300.v20130514-1224
jar package compare
jar package eclipse
jar package name compare
jar package name core
jar package name eclipse
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.compare.core
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.5.300.v20130514-1224
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.team.git;path="bundles/org.eclipse.compare.core";tag="I20130514-0919";commitId=a293d95118c40d93026a747f8d9bd4e609352a91
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.equinox.preferences_3.5.100.v20130422-1538.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.preferences_3.5.100.v20130422-1538.jar
MD5: FC94BBFA2DCFE6B40CEFCE0F5A305F3A
SHA1: BC48B6B0C00898D5EB2CBD6024FC0235AE04F3D2
Evidence
Source Name Value
file name org.eclipse.equinox.preferences_3.5.100.v20130422-1538
jar package core
jar package eclipse
jar package internal
jar package preferences
jar package name core
jar package name eclipse
jar package name internal
jar package name preferences
Manifest bundle-activationpolicy lazy; exclude:="org.eclipse.core.internal.preferences.exchange"
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.equinox.preferences; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2
Manifest eclipse-lazystart true; exceptions="org.eclipse.core.internal.preferences.exchange"
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.preferences";tag="I20130423-0017";commitId=71052352bef98535eade8308c490acbc4b2d21df
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.registry;bundle-version="[3.2.0,4.0.0)";resolution:=optional
universal.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/universal.jar
MD5: E3B9E3707F7EE8907EA25CCBE5B144AA
SHA1: DEF06774DF8370E37D8D422BD6E9D80A72BD77F0
Evidence
Source Name Value
file name universal
jar package eclipse
jar package internal
jar package intro
jar package ui
org.eclipse.ecf.ssl_1.1.0.v20130604-1622.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ecf.ssl_1.1.0.v20130604-1622.jar
MD5: B36E553B3B557F5455821E8E1C6A8B18
SHA1: 27DFCFDD5734A02BDB29386760EA8F9FA1A50BD4
Evidence
Source Name Value
file name org.eclipse.ecf.ssl_1.1.0.v20130604-1622
jar package ecf
jar package eclipse
jar package internal
jar package ssl
jar package name ecf
jar package name eclipse
jar package name ssl
Manifest Bundle-Name %plugin.name
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ecf.ssl
Manifest Bundle-Vendor %plugin.provider
org.eclipse.jface.databinding_1.6.200.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jface.databinding_1.6.200.v20130515-1857.jar
MD5: 34EB7A900B0430AAD1DB13DE820FB9B5
SHA1: 8C74D1442F9A5EBC4ED4A9ACCF1C936EF0A6B754
Evidence
Source Name Value
file name org.eclipse.jface.databinding_1.6.200.v20130515-1857
jar package databinding
jar package eclipse
jar package internal
jar package jface
jar package name databinding
jar package name eclipse
jar package name jface
jar package name swt
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment CDC-1.0/Foundation-1.0,J2SE-1.3
Manifest bundle-symbolicname org.eclipse.jface.databinding
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.jface.databinding";tag="I20130515-2000";commitId=bc510cfd80224d0d77919e36978d5bc71eb6fa3d
Manifest require-bundle org.eclipse.swt;bundle-version="[3.2.0,4.0.0)",org.eclipse.jface;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.databinding.observable;bundle-version="[1.3.0,2.0.0)",org.eclipse.core.databinding.property;bundle-version="[1.3.0,2.0.0)",org.eclipse.core.databinding;bundle-version="[1.2.0,2.0.0)"
org.eclipse.pde.ds.ui.source_1.0.300.v20130507-2057.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ds.ui.source_1.0.300.v20130507-2057.jar
MD5: FD1BDE3C7B914756B9A042771A544427
SHA1: AA767FA511766959818621B705EF549C8F6D76C1
Evidence
Source Name Value
file name org.eclipse.pde.ds.ui.source_1.0.300.v20130507-2057
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.ds.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.ds.ui;version="1.0.300.v20130507-2057";roots:="."
org.eclipse.equinox.p2.director.source_2.3.0.v20130526-0335.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.director.source_2.3.0.v20130526-0335.jar
MD5: 5CC7EB2915655F22DF2E308512134DE5
SHA1: D2CA6FE122EE9605413E27EFA8AF720ED9020525
Evidence
Source Name Value
file name org.eclipse.equinox.p2.director.source_2.3.0.v20130526-0335
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.director.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.director;version="2.3.0.v20130526-0335";roots:="."
org.eclipse.core.filebuffers.source_3.5.300.v20130225-1821.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.filebuffers.source_3.5.300.v20130225-1821.jar
MD5: 1875E387D88224FB1C2417ED01CC7DC2
SHA1: DF46DEF0F58F3FF832CC26BC12F8AC13B2059A6B
Evidence
Source Name Value
file name org.eclipse.core.filebuffers.source_3.5.300.v20130225-1821
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.filebuffers.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.filebuffers;version="3.5.300.v20130225-1821";roots:="."
org.eclipse.pde.ui.templates_3.4.600.v20130507-2057.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ui.templates_3.4.600.v20130507-2057.jar
MD5: 6E8CF98CF21E54B2D1920D5099A388F5
SHA1: 1E09CF55109E0DE40FC1F919DD310A58B210EAF5
Evidence
Source Name Value
file name 3.4.600.v20130507
file name org.eclipse.pde.ui.templates_3.4.600.v20130507-2057
file name org.eclipse.pde.ui.templates_3.4.600.v20130507-2057
jar package eclipse
jar package internal
jar package pde
jar package ui
jar package name eclipse
jar package name pde
jar package name ui
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.pde.ui.templates;singleton:=true
Manifest Bundle-Vendor %bundleVendor
Manifest Bundle-Version 3.4.600.v20130507-2057
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/pde/eclipse.pde.ui.git;path="ui/org.eclipse.pde.ui.templates";tag="I20130507-2000";commitId=9b82b38e0508b07a1f5d2040840571306060b9a6
Manifest require-bundle org.eclipse.ui;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)",org.eclipse.pde.ui;bundle-version="[3.3.0,4.0.0)",org.eclipse.core.resources;bundle-version="[3.6.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.osgi.util.source_3.2.300.v20130513-1956.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.osgi.util.source_3.2.300.v20130513-1956.jar
MD5: B4312A25A810686F6BE538A5B16D1D31
SHA1: C818442F682AC1F153EB8717277CE11ADB0C2494
Evidence
Source Name Value
file name org.eclipse.osgi.util.source_3.2.300.v20130513-1956
jar package name org
jar package name osgi
jar package name util
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.osgi.util.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.osgi.util;version="3.2.300.v20130513-1956";roots:="."
pom artifactid eclipse.osgi.util
pom artifactid eclipse.osgi.util
pom groupid eclipse.osgi
pom groupid eclipse.osgi
org.eclipse.ui.views_3.6.100.v20130326-1250.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ui.views_3.6.100.v20130326-1250.jar
MD5: D5006849262D2365DB8EFC8DA508FEFD
SHA1: 9DCB1E35F197204CC2150627FAC026B188AD1D7B
Evidence
Source Name Value
file name 3.6.100.v20130326
file name org.eclipse.ui.views_3.6.100.v20130326-1250
file name org.eclipse.ui.views_3.6.100.v20130326-1250
jar package eclipse
jar package properties
jar package ui
jar package views
jar package name eclipse
jar package name ui
jar package name views
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ui.views; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.6.100.v20130326-1250
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/platform/eclipse.platform.ui.git;path="bundles/org.eclipse.ui.views";tag="I20130402-0800";commitId=ac8cd02e835171340e42b92f4bc4f2c861c9a2ce
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.2.0,4.0.0)",org.eclipse.help;bundle-version="[3.2.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)"
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.search.source_3.9.0.v20130312-1625.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.search.source_3.9.0.v20130312-1625.jar
MD5: AE54546989CB71561171F1809BDCD72D
SHA1: C2F0AC95551BE81D59048E4BA05D9BDD94B55578
Evidence
Source Name Value
file name org.eclipse.search.source_3.9.0.v20130312-1625
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.search.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.search;version="3.9.0.v20130312-1625";roots:="."
org.eclipse.ltk.ui.refactoring_3.7.100.v20130605-1748.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.ltk.ui.refactoring_3.7.100.v20130605-1748.jar
MD5: CB8F3E831DC540941605A428D08B4D10
SHA1: A2CFE9CC50E70376FA351ED6FA3370808BA6E1E8
Evidence
Source Name Value
file name org.eclipse.ltk.ui.refactoring_3.7.100.v20130605-1748
jar package eclipse
jar package internal
jar package ltk
jar package ui
jar package name eclipse
jar package name ltk
jar package name refactoring
jar package name ui
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.4
Manifest bundle-symbolicname org.eclipse.ltk.ui.refactoring; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/jdt/eclipse.jdt.ui.git;path="org.eclipse.ltk.ui.refactoring";tag="I20130605-2000";commitId=b1685b025876ed72aedfc8c7af59129b19055e7d
Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.expressions;bundle-version="[3.4.100,4.0.0)",org.eclipse.core.filebuffers;bundle-version="[3.5.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.2.0,2.0.0)",org.eclipse.core.resources;bundle-version="[3.5.0,4.0.0)",org.eclipse.ltk.core.refactoring;bundle-version="[3.6.0,4.0.0)",org.eclipse.jface.text;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui;bundle-version="[3.5.0,4.0.0)",org.eclipse.ui.navigator;bundle-version="[3.3.200,4.0.0)",org.eclipse.compare;bundle-version="[3.5.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.4.100,4.0.0)",org.eclipse.team.ui;bundle-version="[3.4.100,4.0.0)"
org.eclipse.jdt.apt.pluggable.core.source_1.0.400.v20120516-0617.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.apt.pluggable.core.source_1.0.400.v20120516-0617.jar
MD5: E33704EB263E6B935ED27152CF049A2F
SHA1: 00020789D212BE4DE4E99AC91973AD5C12DAB540
Evidence
Source Name Value
file name org.eclipse.jdt.apt.pluggable.core.source_1.0.400.v20120516-0617
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.apt.pluggable.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.apt.pluggable.core;version="1.0.400.v20120516-0617";roots:="."
org.eclipse.core.net.source_1.2.200.v20130430-1352.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.core.net.source_1.2.200.v20130430-1352.jar
MD5: E4566985BFD9C3CEDD4204C4CBE93A99
SHA1: E6E05D6B0A14D9811190CF1280B3F8B9F0202CE0
Evidence
Source Name Value
file name org.eclipse.core.net.source_1.2.200.v20130430-1352
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.core.net.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.core.net;version="1.2.200.v20130430-1352";roots:="."
org.eclipse.jdt.apt.core.source_3.3.500.v20120516-0617.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.jdt.apt.core.source_3.3.500.v20120516-0617.jar
MD5: CD5BF2FB37731C503582A8902D6CD301
SHA1: 4B7508F1A51D7D7D5C51A3F60293CD25FCEE2EA7
Evidence
Source Name Value
file name org.eclipse.jdt.apt.core.source_3.3.500.v20120516-0617
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.jdt.apt.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.jdt.apt.core;version="3.3.500.v20120516-0617";roots:="."
org.eclipse.equinox.common_3.6.200.v20130402-1505.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.common_3.6.200.v20130402-1505.jar
MD5: 551DD5EFB955AF78E2794FB67A30BE0C
SHA1: 550778D95EA4D5F2FEE765E85EB799CEC21067E0
Evidence
Source Name Value
file name 3.6.200.v20130402
file name org.eclipse.equinox.common_3.6.200.v20130402-1505
file name org.eclipse.equinox.common_3.6.200.v20130402-1505
jar package core
jar package eclipse
jar package runtime
jar package name eclipse
jar package name equinox
jar package name path
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.equinox.common; singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 3.6.200.v20130402-1505
Manifest comment-header 3.2
Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.common";tag="I20130409-0800";commitId=c36ff638c1be8c4e54e60786a058469aff8cd957
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.osgi.source_3.9.0.v20130529-1710.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.osgi.source_3.9.0.v20130529-1710.jar
MD5: E19D0982785D6821C1DBCE487D830B30
SHA1: 3B5A6CC8154AF508895202C458A077A364F48A01
Evidence
Source Name Value
file name org.eclipse.osgi.source_3.9.0.v20130529-1710
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.osgi.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.osgi;version="3.9.0.v20130529-1710";roots:="."
org.eclipse.debug.core.source_3.8.0.v20130514-0954.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.debug.core.source_3.8.0.v20130514-0954.jar
MD5: 8546D42C342D81363A171CEE84752114
SHA1: 24F2440030264BBB30138B3FD395DB82F35FEC16
Evidence
Source Name Value
file name org.eclipse.debug.core.source_3.8.0.v20130514-0954
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.debug.core.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.debug.core;version="3.8.0.v20130514-0954";roots:="."
org.eclipse.pde.ui.source_3.8.0.v20130515-1659.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.pde.ui.source_3.8.0.v20130515-1659.jar
MD5: E1EF9C6BEAA58B56428902AF2277ECDB
SHA1: 0ADBC6E5E6D1F0C10B5691591C3F293FF8A99E04
Evidence
Source Name Value
file name org.eclipse.pde.ui.source_3.8.0.v20130515-1659
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.pde.ui.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.pde.ui;version="3.8.0.v20130515-1659";roots:="."
org.eclipse.equinox.ds_1.4.100.v20130515-2026.jar
Description: This bundle provides support for OSGi Declarative Services
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.ds_1.4.100.v20130515-2026.jar
MD5: E8F13B12203B067115143220179FB8FE
SHA1: 10F814422C913D85446A2A8413AFD48EC928DB1A
Evidence
Source Name Value
file name 1.4.100.v20130515
file name org.eclipse.equinox.ds_1.4.100.v20130515-2026
file name org.eclipse.equinox.ds_1.4.100.v20130515-2026
jar package ds
jar package eclipse
jar package equinox
jar package internal
jar package name component
jar package name ds
jar package name eclipse
jar package name equinox
Manifest Bundle-Name %bundleName
Manifest bundle-requiredexecutionenvironment OSGi/Minimum-1.2,CDC-1.1/Foundation-1.1,J2SE-1.4
Manifest bundle-symbolicname org.eclipse.equinox.ds;singleton:=true
Manifest Bundle-Vendor %bundleVendor
Manifest Bundle-Version 1.4.100.v20130515-2026
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.bundles.git;path="bundles/org.eclipse.equinox.ds";tag="I20130515-2000";commitId=6c65b7e999aaea65098e7dc7117658bc19cb5985
Manifest lazy-manifestfilter (Service-Component=*)
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.e4.ui.workbench.addons.swt.source_1.0.0.v20130515-1857.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.e4.ui.workbench.addons.swt.source_1.0.0.v20130515-1857.jar
MD5: 3EFF3787638D65EF336230DEF8BE5839
SHA1: 254D269814166BCC1C77AA443DA8D4A2EB666773
Evidence
Source Name Value
file name org.eclipse.e4.ui.workbench.addons.swt.source_1.0.0.v20130515-1857
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.e4.ui.workbench.addons.swt.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.e4.ui.workbench.addons.swt;version="1.0.0.v20130515-1857";roots:="."
org.eclipse.equinox.p2.ui.sdk.scheduler.source_1.2.0.v20130603-2142.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.ui.sdk.scheduler.source_1.2.0.v20130603-2142.jar
MD5: 2184D1F55725850DE264BF812219FE2F
SHA1: 15CD99987494C4E86DFE21DD53D6FFDD0F23C91B
Evidence
Source Name Value
file name org.eclipse.equinox.p2.ui.sdk.scheduler.source_1.2.0.v20130603-2142
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.equinox.p2.ui.sdk.scheduler.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.equinox.p2.ui.sdk.scheduler;version="1.2.0.v20130603-2142";roots:="."
org.eclipse.equinox.p2.updatechecker_1.1.200.v20130327-2119.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.equinox.p2.updatechecker_1.1.200.v20130327-2119.jar
MD5: A55475E040615DDC57450FA3526DABB2
SHA1: 1462F0A05DCEA0371D4ABA18CBF9F616F522E060
Evidence
Source Name Value
file name 1.1.200.v20130327
file name org.eclipse.equinox.p2.updatechecker_1.1.200.v20130327-2119
file name org.eclipse.equinox.p2.updatechecker_1.1.200.v20130327-2119
jar package eclipse
jar package equinox
jar package internal
jar package name eclipse
jar package name equinox
jar package name p2
Manifest Bundle-Name %pluginName
Manifest bundle-requiredexecutionenvironment J2SE-1.5,J2SE-1.4,CDC-1.1/Foundation-1.1
Manifest bundle-symbolicname org.eclipse.equinox.p2.updatechecker;singleton:=true
Manifest Bundle-Vendor %providerName
Manifest Bundle-Version 1.1.200.v20130327-2119
Manifest eclipse-sourcereferences scm:git:git://git.eclipse.org/gitroot/equinox/rt.equinox.p2.git;path="bundles/org.eclipse.equinox.p2.updatechecker";tag="I20130402-0800";commitId=7184672bf7e9aed74dc896deea71041b570ffb9c
Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.3.0,4.0)"
Manifest service-component OSGI-INF/updatechecker.xml
Published Vulnerabilities
CVE-2010-2542 suppress
Severity:
High
CVSS Score: 7.5
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.
Vulnerable Software & Versions:
org.eclipse.platform.source_4.3.0.v20130605-2000.jar
File Path: /home/bcraig/Documents/Thesis/Analysis/reports/eclipse_SDK/Source/org.eclipse.platform.source_4.3.0.v20130605-2000.jar
MD5: 7B39F637C961A9BBBDDDF2B773AE94F1
SHA1: 61A8543A3B3DF96886BEEC776E0977038582B77F
Evidence
Source Name Value
file name org.eclipse.platform.source_4.3.0.v20130605-2000
Manifest bundle-localization OSGI-INF/l10n/bundle-src
Manifest Bundle-Name %bundleName
Manifest bundle-symbolicname org.eclipse.platform.source
Manifest Bundle-Vendor %bundleVendor
Manifest eclipse-sourcebundle org.eclipse.platform;version="4.3.0.v20130605-2000";roots:="platformsrc"